RHSA-2011:1794: Moderate: Red Hat Network Satellite server security update

First published: Wed Dec 07 2011(Updated: )

Red Hat Network (RHN) Satellite provides a solution to organizations<br>requiring absolute control over and privacy of the maintenance and package<br>deployment of their servers. It allows organizations to utilize the<br>benefits of the Red Hat Network without having to provide public Internet<br>access to their servers or other client systems.<br>A cross-site scripting (XSS) flaw was found in the RHN Satellite web<br>interface. An authenticated RHN Satellite user could use this flaw to<br>perform a cross-site scripting attack against other authenticated users who<br>are using the RHN Satellite web interface. (CVE-2011-4346)<br>Red Hat would like to thank William Hoffmann for reporting this issue.<br>Users of Red Hat Network Satellite 5.4.1 are advised to upgrade to these<br>updated packages, which contain a patch to correct this issue. For this<br>update to take effect, Red Hat Network Satellite must be restarted. Refer<br>to the Solution section for details.<br>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/redhat-errata
• anchor-id/RHSA-2011:1794
• agent/description
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• agent/remedy
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/title
• agent/type
• agent/weakness
• package-manager/redhat