Open redirect vulnerability in Spacewalk 1.6, as used in Red Hat Network (RHN) Satellite, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url_bounce parameter.
References
Link | Resource |
---|---|
http://www.redhat.com/support/errata/RHSA-2011-1299.html | Patch Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=672167 | Vendor Advisory |
https://www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.html | |
http://www.redhat.com/support/errata/RHSA-2011-1299.html | Patch Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=672167 | Vendor Advisory |
https://www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.html |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:26
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.redhat.com/support/errata/RHSA-2011-1299.html - Patch, Vendor Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=672167 - Vendor Advisory | |
References | () https://www.redhat.com/archives/spacewalk-announce-list/2011-December/msg00000.html - |
Information
Published : 2014-02-05 18:55
Updated : 2024-11-21 01:26
NVD link : CVE-2011-1594
Mitre link : CVE-2011-1594
CVE.ORG link : CVE-2011-1594
JSON object : View
Products Affected
redhat
- network_satellite
- spacewalk
CWE
CWE-20
Improper Input Validation