This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Red Hat Network Satellite Server version 5.0.1 is now available which
fixes a security issue in version 5.0.0.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
During an internal code audit, a flaw was found in an unused back-end
XMLRPC handler first added to Red Hat Network Satellite Server 5.0.0.
A remote attacker with valid authentication credentials who was able
to connect to a Satellite Server could use this flaw to execute
arbitrary code on the server as the 'apache' user. (CVE-2007-4132)
Users of Red Hat Network Satellite Server 5.0.0 are advised to upgrade
to 5.0.1 which removes the unused, vulnerable handler.
Note: This issue did not affect the hosted version of Red Hat Network
or versions of Red Hat Network Satellite Server prior to 5.0.0.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 43833 ()
CVE ID: CVE-2007-4132
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.