RHEL 6 : Satellite Server (RHSA-2015:1592)

medium Nessus Plugin ID 85716

Synopsis

The remote Red Hat host is missing one or more security updates.

Description

Red Hat Satellite 6.1 now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having an important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments.

This update provides Satellite 6.1 packages for Red Hat Enterprise Linux 6. For the full list of new features provided by Satellite 6.1 see the Release notes linked to in References section. (BZ#1201357)

It was discovered that, in Foreman, the edit_users permission (for example, granted to the Manager role) allowed the user to edit admin user passwords. An attacker with the edit_users permission could use this flaw to access an admin user account, leading to an escalation of privileges. (CVE-2015-3235)

It was found that Foreman did not set the HttpOnly flag on session cookies. This could allow a malicious script to access the session cookie. (CVE-2015-3155)

It was found that when making an SSL connection to an LDAP authentication source in Foreman, the remote server certificate was accepted without any verification against known certificate authorities, potentially making TLS connections vulnerable to man-in-the-middle attacks. (CVE-2015-1816)

A flaw was found in the way Foreman authorized user actions on resources via the API when an organization was not explicitly set. A remote attacker could use this flaw to obtain additional information about resources they were not authorized to access. (CVE-2015-1844)

A cross-site scripting (XSS) flaw was found in Foreman's template preview screen. A remote attacker could use this flaw to perform cross-site scripting attacks by tricking a user into viewing a malicious template. Note that templates are commonly shared among users. (CVE-2014-3653)

It was found that python-oauth2 did not properly verify the nonce of a signed URL. An attacker able to capture network traffic of a website using OAuth2 authentication could use this flaw to conduct replay attacks against that website. (CVE-2013-4346)

It was found that python-oauth2 did not properly generate random values for use in nonces. An attacker able to capture network traffic of a website using OAuth2 authentication could use this flaw to conduct replay attacks against that website. (CVE-2013-4347)

Red Hat would like to thank Rufus Jarnefelt of Coresec for reporting the Foreman HttpOnly issue.

All users who require Satellite 6.1 are advised to install these new packages.

Solution

Update the affected packages.

See Also

https://access.redhat.com/errata/RHSA-2015:1592

https://access.redhat.com/security/cve/cve-2013-4346

https://access.redhat.com/security/cve/cve-2013-4347

https://access.redhat.com/security/cve/cve-2014-3653

https://access.redhat.com/security/cve/cve-2015-1816

https://access.redhat.com/security/cve/cve-2015-1844

https://access.redhat.com/security/cve/cve-2015-3155

https://access.redhat.com/security/cve/cve-2015-3235

Plugin Details

Severity: Medium

ID: 85716

File Name: redhat-RHSA-2015-1592.nasl

Version: 2.10

Type: local

Agent: unix

Published: 9/1/2015

Updated: 10/24/2019

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Medium

Base Score: 6

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:redhat:enterprise_linux:aopalliance, p-cpe:/a:redhat:enterprise_linux:apache-commons-codec-eap6, p-cpe:/a:redhat:enterprise_linux:apache-mime4j, p-cpe:/a:redhat:enterprise_linux:atinject, p-cpe:/a:redhat:enterprise_linux:istack-commons, p-cpe:/a:redhat:enterprise_linux:bcmail, p-cpe:/a:redhat:enterprise_linux:bcpg, p-cpe:/a:redhat:enterprise_linux:bcprov, p-cpe:/a:redhat:enterprise_linux:bctsp, p-cpe:/a:redhat:enterprise_linux:bouncycastle, p-cpe:/a:redhat:enterprise_linux:c3p0, p-cpe:/a:redhat:enterprise_linux:candlepin, p-cpe:/a:redhat:enterprise_linux:candlepin-common, p-cpe:/a:redhat:enterprise_linux:candlepin-scl, p-cpe:/a:redhat:enterprise_linux:candlepin-scl-quartz, p-cpe:/a:redhat:enterprise_linux:candlepin-scl-rhino, p-cpe:/a:redhat:enterprise_linux:candlepin-scl-runtime, p-cpe:/a:redhat:enterprise_linux:candlepin-selinux, p-cpe:/a:redhat:enterprise_linux:candlepin-tomcat6, p-cpe:/a:redhat:enterprise_linux:createrepo_c, p-cpe:/a:redhat:enterprise_linux:createrepo_c-debuginfo, p-cpe:/a:redhat:enterprise_linux:createrepo_c-libs, p-cpe:/a:redhat:enterprise_linux:dom4j, p-cpe:/a:redhat:enterprise_linux:elasticsearch, p-cpe:/a:redhat:enterprise_linux:facter, p-cpe:/a:redhat:enterprise_linux:facter-debuginfo, p-cpe:/a:redhat:enterprise_linux:fasterxml-oss-parent, p-cpe:/a:redhat:enterprise_linux:foreman, p-cpe:/a:redhat:enterprise_linux:foreman-compute, p-cpe:/a:redhat:enterprise_linux:foreman-debug, p-cpe:/a:redhat:enterprise_linux:foreman-discovery-image, p-cpe:/a:redhat:enterprise_linux:foreman-gce, p-cpe:/a:redhat:enterprise_linux:foreman-libvirt, p-cpe:/a:redhat:enterprise_linux:foreman-ovirt, p-cpe:/a:redhat:enterprise_linux:foreman-postgresql, p-cpe:/a:redhat:enterprise_linux:foreman-proxy, p-cpe:/a:redhat:enterprise_linux:foreman-selinux, p-cpe:/a:redhat:enterprise_linux:foreman-vmware, p-cpe:/a:redhat:enterprise_linux:gettext-commons, p-cpe:/a:redhat:enterprise_linux:glassfish-jaf, p-cpe:/a:redhat:enterprise_linux:glassfish-javamail, p-cpe:/a:redhat:enterprise_linux:gofer, p-cpe:/a:redhat:enterprise_linux:google-collections, p-cpe:/a:redhat:enterprise_linux:google-guice, p-cpe:/a:redhat:enterprise_linux:gperftools-debuginfo, p-cpe:/a:redhat:enterprise_linux:gperftools-libs, p-cpe:/a:redhat:enterprise_linux:gutterball, p-cpe:/a:redhat:enterprise_linux:hibernate-beanvalidation-api, p-cpe:/a:redhat:enterprise_linux:hibernate-jpa-2.0-api, p-cpe:/a:redhat:enterprise_linux:hibernate3-commons-annotations, p-cpe:/a:redhat:enterprise_linux:hibernate4-c3p0, p-cpe:/a:redhat:enterprise_linux:hibernate4-core, p-cpe:/a:redhat:enterprise_linux:hibernate4-entitymanager, p-cpe:/a:redhat:enterprise_linux:hibernate4-validator, p-cpe:/a:redhat:enterprise_linux:hiera, p-cpe:/a:redhat:enterprise_linux:hornetq, p-cpe:/a:redhat:enterprise_linux:httpclient, p-cpe:/a:redhat:enterprise_linux:httpcomponents-client, p-cpe:/a:redhat:enterprise_linux:httpcomponents-core, p-cpe:/a:redhat:enterprise_linux:istack-commons-runtime, p-cpe:/a:redhat:enterprise_linux:jackson-annotations, p-cpe:/a:redhat:enterprise_linux:jackson-core, p-cpe:/a:redhat:enterprise_linux:jackson-databind, p-cpe:/a:redhat:enterprise_linux:jackson-datatype-hibernate-parent, p-cpe:/a:redhat:enterprise_linux:jackson-datatype-hibernate4, p-cpe:/a:redhat:enterprise_linux:jackson-jaxrs-base, p-cpe:/a:redhat:enterprise_linux:jackson-jaxrs-json-provider, p-cpe:/a:redhat:enterprise_linux:httpcomponents-project, p-cpe:/a:redhat:enterprise_linux:httpcore, p-cpe:/a:redhat:enterprise_linux:ipxe-bootimgs, p-cpe:/a:redhat:enterprise_linux:jackson-jaxrs-providers, p-cpe:/a:redhat:enterprise_linux:jackson-module-jaxb-annotations, p-cpe:/a:redhat:enterprise_linux:javassist, p-cpe:/a:redhat:enterprise_linux:jaxb-impl, p-cpe:/a:redhat:enterprise_linux:jaxb-project, p-cpe:/a:redhat:enterprise_linux:jboss-common-core, p-cpe:/a:redhat:enterprise_linux:jboss-jaxb-api_2.2_spec, p-cpe:/a:redhat:enterprise_linux:jboss-logging, p-cpe:/a:redhat:enterprise_linux:jboss-specs-parent, p-cpe:/a:redhat:enterprise_linux:jboss-transaction-api_1.1_spec, p-cpe:/a:redhat:enterprise_linux:jbossts, p-cpe:/a:redhat:enterprise_linux:jcl-over-slf4j, p-cpe:/a:redhat:enterprise_linux:jsr311-api, p-cpe:/a:redhat:enterprise_linux:katello, p-cpe:/a:redhat:enterprise_linux:katello-agent, p-cpe:/a:redhat:enterprise_linux:katello-certs-tools, p-cpe:/a:redhat:enterprise_linux:katello-common, p-cpe:/a:redhat:enterprise_linux:katello-debug, p-cpe:/a:redhat:enterprise_linux:katello-installer, p-cpe:/a:redhat:enterprise_linux:katello-installer-base, p-cpe:/a:redhat:enterprise_linux:katello-service, p-cpe:/a:redhat:enterprise_linux:katello-utils, p-cpe:/a:redhat:enterprise_linux:libmongodb, p-cpe:/a:redhat:enterprise_linux:libqpid-dispatch, p-cpe:/a:redhat:enterprise_linux:liquibase, p-cpe:/a:redhat:enterprise_linux:livecd-tools, p-cpe:/a:redhat:enterprise_linux:logback-classic, p-cpe:/a:redhat:enterprise_linux:logback-core, p-cpe:/a:redhat:enterprise_linux:logback-parent, p-cpe:/a:redhat:enterprise_linux:lucene4, p-cpe:/a:redhat:enterprise_linux:lucene4-contrib, p-cpe:/a:redhat:enterprise_linux:mod_passenger, p-cpe:/a:redhat:enterprise_linux:mod_wsgi, p-cpe:/a:redhat:enterprise_linux:mod_wsgi-debuginfo, p-cpe:/a:redhat:enterprise_linux:mongodb, p-cpe:/a:redhat:enterprise_linux:mongodb-debuginfo, p-cpe:/a:redhat:enterprise_linux:mongodb-server, p-cpe:/a:redhat:enterprise_linux:netty, p-cpe:/a:redhat:enterprise_linux:oauth, p-cpe:/a:redhat:enterprise_linux:objectweb-asm, p-cpe:/a:redhat:enterprise_linux:openscap, p-cpe:/a:redhat:enterprise_linux:openscap-debuginfo, p-cpe:/a:redhat:enterprise_linux:openscap-python, p-cpe:/a:redhat:enterprise_linux:openscap-scanner, p-cpe:/a:redhat:enterprise_linux:openscap-utils, p-cpe:/a:redhat:enterprise_linux:pulp-admin-client, p-cpe:/a:redhat:enterprise_linux:pulp-docker-plugins, p-cpe:/a:redhat:enterprise_linux:pulp-katello, p-cpe:/a:redhat:enterprise_linux:pulp-nodes-child, p-cpe:/a:redhat:enterprise_linux:pulp-nodes-common, p-cpe:/a:redhat:enterprise_linux:pulp-nodes-parent, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-admin-extensions, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-plugins, p-cpe:/a:redhat:enterprise_linux:pulp-puppet-tools, p-cpe:/a:redhat:enterprise_linux:pulp-rpm-admin-extensions, p-cpe:/a:redhat:enterprise_linux:pulp-rpm-handlers, p-cpe:/a:redhat:enterprise_linux:pulp-rpm-plugins, p-cpe:/a:redhat:enterprise_linux:pulp-selinux, p-cpe:/a:redhat:enterprise_linux:pulp-server, p-cpe:/a:redhat:enterprise_linux:puppet, p-cpe:/a:redhat:enterprise_linux:puppet-foreman_scap_client, p-cpe:/a:redhat:enterprise_linux:puppet-server, p-cpe:/a:redhat:enterprise_linux:puppetlabs-stdlib, p-cpe:/a:redhat:enterprise_linux:pyliblzma, p-cpe:/a:redhat:enterprise_linux:pyliblzma-debuginfo, p-cpe:/a:redhat:enterprise_linux:pyparsing, p-cpe:/a:redhat:enterprise_linux:python-beautifulsoup, p-cpe:/a:redhat:enterprise_linux:python-amqp, p-cpe:/a:redhat:enterprise_linux:python-billiard, p-cpe:/a:redhat:enterprise_linux:python-billiard-debuginfo, p-cpe:/a:redhat:enterprise_linux:python-blinker, p-cpe:/a:redhat:enterprise_linux:python-bson, p-cpe:/a:redhat:enterprise_linux:python-celery, p-cpe:/a:redhat:enterprise_linux:python-cherrypy, p-cpe:/a:redhat:enterprise_linux:python-crane, p-cpe:/a:redhat:enterprise_linux:python-flask, p-cpe:/a:redhat:enterprise_linux:python-gofer, p-cpe:/a:redhat:enterprise_linux:python-gofer-proton, p-cpe:/a:redhat:enterprise_linux:python-gofer-qpid, p-cpe:/a:redhat:enterprise_linux:python-httplib2, p-cpe:/a:redhat:enterprise_linux:python-imgcreate, p-cpe:/a:redhat:enterprise_linux:python-importlib, p-cpe:/a:redhat:enterprise_linux:python-isodate, p-cpe:/a:redhat:enterprise_linux:python-itsdangerous, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-foreman-tasks, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-foreman_abrt, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-foreman_bootdisk, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-foreman_discovery, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-foreman_docker, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-foreman_gutterball, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-foreman_hooks, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-foreman_openscap, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-formatador, p-cpe:/a:redhat:enterprise_linux:python-jinja2-26, p-cpe:/a:redhat:enterprise_linux:python-kombu, p-cpe:/a:redhat:enterprise_linux:python-mongoengine, p-cpe:/a:redhat:enterprise_linux:python-nectar, p-cpe:/a:redhat:enterprise_linux:python-oauth2, p-cpe:/a:redhat:enterprise_linux:python-okaara, p-cpe:/a:redhat:enterprise_linux:python-pulp-agent-lib, p-cpe:/a:redhat:enterprise_linux:python-pulp-bindings, p-cpe:/a:redhat:enterprise_linux:python-pulp-client-lib, p-cpe:/a:redhat:enterprise_linux:python-pulp-common, p-cpe:/a:redhat:enterprise_linux:python-pulp-docker-common, p-cpe:/a:redhat:enterprise_linux:python-pulp-puppet-common, p-cpe:/a:redhat:enterprise_linux:python-pulp-rpm-common, p-cpe:/a:redhat:enterprise_linux:python-pymongo, p-cpe:/a:redhat:enterprise_linux:python-pymongo-debuginfo, p-cpe:/a:redhat:enterprise_linux:python-pymongo-gridfs, p-cpe:/a:redhat:enterprise_linux:python-qpid, p-cpe:/a:redhat:enterprise_linux:python-qpid-proton, p-cpe:/a:redhat:enterprise_linux:python-qpid-qmf, p-cpe:/a:redhat:enterprise_linux:python-requests, p-cpe:/a:redhat:enterprise_linux:python-saslwrapper, p-cpe:/a:redhat:enterprise_linux:python-semantic-version, p-cpe:/a:redhat:enterprise_linux:python-webpy, p-cpe:/a:redhat:enterprise_linux:python-werkzeug, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-client-devel, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-debuginfo, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server-devel, p-cpe:/a:redhat:enterprise_linux:qpid-cpp-server-linearstore, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-debuginfo, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-router, p-cpe:/a:redhat:enterprise_linux:qpid-dispatch-tools, p-cpe:/a:redhat:enterprise_linux:qpid-java-client, p-cpe:/a:redhat:enterprise_linux:qpid-java-common, p-cpe:/a:redhat:enterprise_linux:qpid-proton-c, p-cpe:/a:redhat:enterprise_linux:qpid-proton-debuginfo, p-cpe:/a:redhat:enterprise_linux:qpid-qmf, p-cpe:/a:redhat:enterprise_linux:qpid-qmf-debuginfo, p-cpe:/a:redhat:enterprise_linux:qpid-tools, p-cpe:/a:redhat:enterprise_linux:resteasy, p-cpe:/a:redhat:enterprise_linux:ruby-augeas, p-cpe:/a:redhat:enterprise_linux:ruby-augeas-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby-rgen, p-cpe:/a:redhat:enterprise_linux:ruby-shadow, p-cpe:/a:redhat:enterprise_linux:ruby-shadow-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-facter, p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-wrapper, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-addressable, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-algebrick, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ancestry, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-anemone, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-angular-rails-templates, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ansi, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-apipie-params, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-apipie-rails, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-archive-tar-minitar, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-audited, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-audited-activerecord, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-autoparse, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bastion, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bundler_ext, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-commonjs, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-daemons, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-deep_cloneable, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-deface, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-docker-api, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-dynflow, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-excon, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-extlib, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-faraday, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fast_gettext, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ffi, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ffi-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-brightbox, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-core, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-json, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-radosgw, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-sakuracloud, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-softlayer, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-fog-xml, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-foreigner, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-foreman-redhat_access, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-little-plugger, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-logging, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-multi_json, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-multi_json-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-multipart-post, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-ldap, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-scp, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-net-ssh, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-nokogiri, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-friendly_id, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-gettext_i18n_rails, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-gettext_i18n_rails_js, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-google-api-client, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-haml, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-haml-rails, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-hashr, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-hooks, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-hpricot, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-hpricot-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-i18n_data, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ipaddress, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-jquery-ui-rails, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-justified, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-jwt, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-katello, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-launchy, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ldap_fluff, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-nokogiri-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-oauth, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-openscap, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ovirt_provision_plugin, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-pg, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-pg-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-po_to_json, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-qpid_messaging, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-qpid_messaging-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rabl, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rbovirt, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rbvmomi, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-redhat_access_lib, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-robotex, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby-libvirt, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby-libvirt-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby2ruby, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-ruby_parser, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-runcible, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-safemode, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sass, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sass-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-scaptimony, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-scoped_search, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-secure_headers, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sequel, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sexp_processor, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-signet, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sprockets, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sprockets-doc, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-sshkey, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-strong_parameters, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-tire, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-trollop, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-unf, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-unf-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-unf_ext, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-unf_ext-debuginfo, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-uuidtools, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-validates_lengths_from_database, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-wicked, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-will_paginate, p-cpe:/a:redhat:enterprise_linux:rubygem-ansi, p-cpe:/a:redhat:enterprise_linux:rubygem-apipie-bindings, p-cpe:/a:redhat:enterprise_linux:rubygem-awesome_print, p-cpe:/a:redhat:enterprise_linux:rubygem-bundler, p-cpe:/a:redhat:enterprise_linux:rubygem-bundler_ext, p-cpe:/a:redhat:enterprise_linux:rubygem-clamp, p-cpe:/a:redhat:enterprise_linux:rubygem-fast_gettext, p-cpe:/a:redhat:enterprise_linux:rubygem-fastercsv, p-cpe:/a:redhat:enterprise_linux:rubygem-ffi, p-cpe:/a:redhat:enterprise_linux:rubygem-ffi-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-foreman_scap_client, p-cpe:/a:redhat:enterprise_linux:rubygem-gssapi, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli_csv, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli_foreman, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli_foreman_bootdisk, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli_foreman_discovery, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli_foreman_docker, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli_foreman_docker-doc, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli_foreman_tasks, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli_gutterball, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli_import, p-cpe:/a:redhat:enterprise_linux:rubygem-hammer_cli_katello, p-cpe:/a:redhat:enterprise_linux:rubygem-hashie, p-cpe:/a:redhat:enterprise_linux:rubygem-highline, p-cpe:/a:redhat:enterprise_linux:rubygem-json, p-cpe:/a:redhat:enterprise_linux:rubygem-json-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo, p-cpe:/a:redhat:enterprise_linux:rubygem-kafo_parsers, p-cpe:/a:redhat:enterprise_linux:rubygem-little-plugger, p-cpe:/a:redhat:enterprise_linux:rubygem-locale, p-cpe:/a:redhat:enterprise_linux:rubygem-logging, p-cpe:/a:redhat:enterprise_linux:rubygem-mime-types, p-cpe:/a:redhat:enterprise_linux:rubygem-multi_json, p-cpe:/a:redhat:enterprise_linux:rubygem-multi_json-doc, p-cpe:/a:redhat:enterprise_linux:rubygem-oauth, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native, p-cpe:/a:redhat:enterprise_linux:rubygem-passenger-native-libs, p-cpe:/a:redhat:enterprise_linux:rubygem-powerbar, p-cpe:/a:redhat:enterprise_linux:rubygem-rack, p-cpe:/a:redhat:enterprise_linux:rubygem-rack-protection, p-cpe:/a:redhat:enterprise_linux:rubygem-rake, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-less, p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-less-rails, p-cpe:/a:redhat:enterprise_linux:rubygem-rb-readline, p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc, p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-rest-client, p-cpe:/a:redhat:enterprise_linux:rubygem-rkerberos, p-cpe:/a:redhat:enterprise_linux:rubygem-rkerberos-debuginfo, p-cpe:/a:redhat:enterprise_linux:rubygem-rubyipmi, p-cpe:/a:redhat:enterprise_linux:rubygem-satyr, p-cpe:/a:redhat:enterprise_linux:rubygem-sinatra, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_abrt, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_discovery, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_openscap, p-cpe:/a:redhat:enterprise_linux:rubygem-smart_proxy_pulp, p-cpe:/a:redhat:enterprise_linux:rubygem-table_print, p-cpe:/a:redhat:enterprise_linux:rubygem-thor, p-cpe:/a:redhat:enterprise_linux:rubygem-tilt, p-cpe:/a:redhat:enterprise_linux:saslwrapper, p-cpe:/a:redhat:enterprise_linux:saslwrapper-debuginfo, p-cpe:/a:redhat:enterprise_linux:scannotation, p-cpe:/a:redhat:enterprise_linux:sigar, p-cpe:/a:redhat:enterprise_linux:sigar-debuginfo, p-cpe:/a:redhat:enterprise_linux:sigar-java, p-cpe:/a:redhat:enterprise_linux:sisu-cglib, p-cpe:/a:redhat:enterprise_linux:slf4j-api, p-cpe:/a:redhat:enterprise_linux:slf4j-parent, p-cpe:/a:redhat:enterprise_linux:snappy-java, p-cpe:/a:redhat:enterprise_linux:snappy-java-debuginfo, p-cpe:/a:redhat:enterprise_linux:sun-txw2, p-cpe:/a:redhat:enterprise_linux:v8, p-cpe:/a:redhat:enterprise_linux:v8-debuginfo, cpe:/o:redhat:enterprise_linux:6

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu

Exploit Ease: No known exploits are available

Patch Publication Date: 8/12/2015

Vulnerability Publication Date: 5/20/2014

Reference Information

CVE: CVE-2013-4346, CVE-2013-4347, CVE-2014-3653, CVE-2015-1816, CVE-2015-1844, CVE-2015-3155, CVE-2015-3235

RHSA: 2015:1592