CVE Reference: CVE-2012-6137

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2012-6137

Description:
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which allows remote man-in-the-middle attackers to obtain sensitive information such as user credentials.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/84020

ST
  1028520

SAID
  Secunia Advisory: SA53330

REDHAT
  http://rhn.redhat.com/errata/RHSA-2013-0788.html

OSVDB
  93058

CONFIRM

BID
  59674


Return to the previous page.