Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (RHEL) 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, which allows local users to access the Red Hat Network profile, and possibly prevent future security updates, by leveraging authentication data from this file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat Client Tools不安全loginAuth.pkl文件权限漏洞
Vulnerability Description
file.RedHat操作系统中所提供的Client Tools允许系统通过Red Hat Network接收软件升级。 rhn-client-tools对用于存储认证到RedHat Network服务器的会话凭据的loginAuth.pkl文件设置了不安全权限,有访问权限的本地用户可以利用这些凭据从Red Hat Network下载软件包,还可以操控与系统配置文件相关的软件包或操作列表。
CVSS Information
N/A
Vulnerability Type
N/A