Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via the return_url parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
spacewalk-java和Red Hat Network Satellite CRLF注入漏洞
Vulnerability Description
Red Hat Network Satellite(RHN Satellite,红帽网络卫星)是美国红帽(Red Hat)公司的一套系统管理平台。Spacewalk-Java是一套使用Java语言编写且基于红帽网络卫星开发的开源Linux系统管理解决方案。 spacewalk-java 2.1.147-1及之前版本和RHN Satellite 5.6版本中存在CRLF注入漏洞。远程攻击者可借助‘return_url’参数利用该漏洞注入任意HTTP头,实施HTTP响应拆分攻击和跨站脚本攻击。
CVSS Information
N/A
Vulnerability Type
N/A