A vulnerability has been reported in Red Hat Network Satellite Server, which can be exploited by malicious people to conduct session fixation attacks.
The vulnerability is caused due to an error in the handling of sessions and can be exploited to hijack another user's session by tricking the user into logging in after following a specially crafted link.
NOTE: Additionally, a weakness exists in the handling of failed authentication attempts and can be exploited to conduct a password brute force attack.
Solution: Updated packages are available via Red Hat Network.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com
Subject: Red Hat Network Satellite Server Session Fixation Vulnerability
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.