Showing 1 - 4 of 4

CVE-2019-3845

Status Candidate

Overview

A lack of access control was found in the message queues maintained by Satellite's QPID broker and used by katello-agent in versions before Satellite 6.2, Satellite 6.1 optional and Satellite Capsule 6.1. A malicious user authenticated to a host registered to Satellite (or Capsule) can use this flaw to access QMF methods to any host also registered to Satellite (or Capsule) and execute privileged commands.

Related Files

Red Hat Security Advisory 2019-1223-01: Posted May 15, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-1223-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. This update provides the Satellite 6.5 Tools repositories. For the full list of new features provided by Satellite 6.5, see the Release Notes linked to in the references section. See the Satellite 6 Installation Guide for detailed instructions on how to install a new Satellite 6.5 environment, or the Satellite 6 Upgrading and Updating guide for detailed instructions on how to upgrade from prior versions of Satellite 6.; tags | advisory, remote; systems | linux, redhat; advisories | CVE-2019-3845; SHA-256 | dc6ba664e981fb90c30514101f82c3fb0aa7d7beb78d02f9739eee6faebad15a; Download | Favorite | View

Red Hat Security Advisory 2019-0733-01: Posted Apr 9, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-0733-01 - The qpid-dispatch-router package provides remote host management functionality and is configured through the katello-installer-base package. Additional packages included contain enhancements to support the fix. An issue was addressed where QMF methods were exposed to goferd via qdrouterd.; tags | advisory, remote; systems | linux, redhat; advisories | CVE-2019-3845; SHA-256 | b7ddf9378d9e5b43419822af1e776ef4eb1b207b28680f0a2ceb14a7513f95d2; Download | Favorite | View

Red Hat Security Advisory 2019-0734-01: Posted Apr 9, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-0734-01 - The qpid-dispatch-router package provides remote host management functionality and is configured through the katello-installer-base package. Additional packages included contain enhancements to support the fix. An issue was addressed where QMF methods were exposed to goferd via qdrouterd.; tags | advisory, remote; systems | linux, redhat; advisories | CVE-2019-3845; SHA-256 | 866f9e33a7d6e5c3b46363122949f5304790330c79765822c7f32f93e6cb0411; Download | Favorite | View

Red Hat Security Advisory 2019-0735-01: Posted Apr 9, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-0735-01 - The qpid-dispatch-router package provides remote host management functionality and is configured through the katello-installer-base package. Additional packages included contain enhancements to support the fix. An issue was addressed where QMF methods were exposed to goferd via qdrouterd.; tags | advisory, remote; systems | linux, redhat; advisories | CVE-2019-3845; SHA-256 | fc70dcf8273999b9d2c3fb3bce2692e157b704420488ad45c992567ad66cda40; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 210 files
Ubuntu 64 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

CVE-2019-3845

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems