RHEL 6 : katello in Subscription Asset Manager (RHSA-2012:1187)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated katello packages that fix one security issue are now available
for Red Hat Subscription Asset Manager.

The Red Hat Security Response Team has rated this update as having
important security impact. A Common Vulnerability Scoring System
(CVSS) base score, which gives a detailed severity rating, is
available from the CVE link in the References section.

Katello allows you to manage the application life cycle for Linux
systems. Katello is used by Red Hat Subscription Asset Manager, a
distributor application for handling subscription information and
software updates on client machines.

It was found that the katello-common package's installation script did
not correctly generate the secret token used for session cookie
generation, leading to every default installation using the same
secret token. A remote attacker could use this flaw to create a cookie
that would allow them to log into the Subscription Asset Manager web
interface as any user, without knowing the passwords. (CVE-2012-3503)
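The root cause described above is an installer that left every deployment with the same session secret. The following POSIX shell functions are an added example written for this page; they are not Tenable's plugin code and not Katello's actual installer, and the token file path, its hex format and the 64-byte length are assumptions. `generate_secret_token` shows the pattern a package post-install script should follow (fresh kernel randomness, written once, owner-readable only, never overwritten on upgrade), and `check_secret_token` is the kind of audit an administrator can run to confirm an existing installation is not sitting on a shared or placeholder value.

```shell
#!/bin/sh
# Added example (not Tenable's or Katello's code). The token file path is a
# placeholder chosen by the caller, not Katello's real configuration path.

# Write a fresh 64-byte (512-bit) random token, hex-encoded, to the file named
# in $1 unless a non-empty token already exists there. Re-running the installer
# therefore never replaces a token that is already deployed.
generate_secret_token() {
    token_file="$1"
    if [ -s "$token_file" ]; then
        return 0                       # keep the existing per-install token
    fi
    # Subshell so the restrictive umask does not leak into the caller.
    ( umask 077
      dd if=/dev/urandom bs=64 count=1 2>/dev/null \
          | od -An -tx1 | tr -d ' \n' > "$token_file" )
    [ -s "$token_file" ]               # fail loudly if no randomness was written
}

# Audit the token in $1. Returns 0 when it looks per-install: present, lowercase
# hex, at least 64 hex characters and not a single repeated character such as a
# run of zeros that a broken generator might leave behind. Returns 1 otherwise.
check_secret_token() {
    token_file="$1"
    [ -s "$token_file" ] || return 1
    token=$(tr -d '\n' < "$token_file")
    case "$token" in
        *[!0-9a-f]*) return 1 ;;       # not hex: not produced by a generator like the one above
    esac
    [ "${#token}" -ge 64 ] || return 1
    first=$(printf '%s' "$token" | cut -c1)
    case "$token" in
        *[!"$first"]*) ;;              # at least two distinct characters: acceptable
        *) return 1 ;;                 # every character identical: placeholder value
    esac
    return 0
}

# Stand-alone demonstration: two installs get different tokens, and both pass the audit.
if [ "${0##*/}" != "sh" ] && [ -z "$SECRET_TOKEN_NO_DEMO" ]; then
    demo_dir=$(mktemp -d)
    generate_secret_token "$demo_dir/install-a.token"
    generate_secret_token "$demo_dir/install-b.token"
    if [ "$(cat "$demo_dir/install-a.token")" = "$(cat "$demo_dir/install-b.token")" ]; then
        echo "tokens are identical: generator is broken" >&2
    else
        echo "tokens differ: each install got its own secret"
    fi
    check_secret_token "$demo_dir/install-a.token" && echo "install-a token passes audit"
    rm -rf "$demo_dir"
fi
```

The audit deliberately does not try to recognise any particular shipped default; it flags the shapes a broken installer produces (missing, empty, non-random or short values). Comparing an installation's token against a known-bad value is something only the vendor's updated packages, as the advisory recommends, can settle definitively.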

All users of Red Hat Subscription Asset Manager are advised to upgrade
to these updated packages, which correct this issue. For instructions
on applying this update, refer to the Subscription Asset Manager
Installation Guide, linked to in the References section.

See also :

https://www.redhat.com/security/data/cve/CVE-2012-3503.html
https://access.redhat.com/knowledge/docs/en-US/
http://rhn.redhat.com/errata/RHSA-2012-1187.html

Solution :

Update the affected katello-common and/or katello-glue-candlepin
packages.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVSS Temporal Score : 5.4
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 64052

Bugtraq ID: 55140

CVE ID: CVE-2012-3503