5.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
7.4 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
62.1%
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:1543 advisory.
katello: pulp admin password logged in plaintext in world-readable katello/production.log (CVE-2012-3538)
pulp /etc/pulp/pulp.conf world readable, contains default admin password (CVE-2012-4574)
CloudForms Katello: lack of authorization in proxies_controller.rb (CVE-2012-5603)
CloudForms grinder: /var/lib/pulp/cache/grinder directory is world-writeable (CVE-2012-5605)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2012:1543. The text
# itself is copyright (C) Red Hat, Inc.
##
include('compat.inc');
if (description)
{
script_id(193973);
script_version("1.0");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/27");
script_cve_id(
"CVE-2012-3538",
"CVE-2012-4574",
"CVE-2012-5603",
"CVE-2012-5605"
);
script_xref(name:"RHSA", value:"2012:1543");
script_name(english:"RHEL 5 / 6 : CloudForms System Engine 1.1 update (Important) (RHSA-2012:1543)");
script_set_attribute(attribute:"synopsis", value:
"The remote Red Hat host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as
referenced in the RHSA-2012:1543 advisory.
- katello: pulp admin password logged in plaintext in world-readable katello/production.log (CVE-2012-3538)
- pulp /etc/pulp/pulp.conf world readable, contains default admin password (CVE-2012-4574)
- CloudForms Katello: lack of authorization in proxies_controller.rb (CVE-2012-5603)
- CloudForms grinder: /var/lib/pulp/cache/grinder directory is world-writeable (CVE-2012-5605)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/updates/classification/#important");
# https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Installation_Guide/index.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b59a1d3b");
# https://access.redhat.com/knowledge/docs/en-US/CloudForms/1.1/html/Technical_Notes/index.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9b3c4df9");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=746765");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=753128");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=760180");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=766694");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=769559");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=782954");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=786176");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=786226");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=787184");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=787305");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=789139");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=789535");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=790138");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=790342");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=796047");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=796972");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=797299");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=797321");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=797412");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=799538");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=800529");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=801454");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=801580");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=802925");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=803548");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=803702");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=803728");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=803761");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=804127");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=804555");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=804610");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=804685");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=805027");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=805412");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=805627");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=805709");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=805956");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=806076");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=806078");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=806083");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=806353");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=806879");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=806940");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=806969");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=807288");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=807291");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=807468");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=807804");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=808172");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=808437");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=809259");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=810378");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=810945");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=811556");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=811564");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=812417");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=813675");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=815308");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=815802");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=816935");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=817123");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=818204");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=818261");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=818370");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=819593");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=819941");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=820373");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=820385");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=820624");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=820626");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=820630");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=821345");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=821644");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=821929");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=822119");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=822484");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=823688");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=824069");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=824581");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=826581");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=827087");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=827108");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=828447");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=828533");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=829208");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=829437");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=829794");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=830176");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=831664");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=834006");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=834013");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=834242");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=834646");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=834697");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=835586");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=835591");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=835875");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=836339");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=836575");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=837000");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=839005");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=840616");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=840624");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=840625");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=841000");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=841289");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=841300");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=841310");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=841686");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=841691");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=841984");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=841998");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842003");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842005");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842010");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842252");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842256");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842271");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842569");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842838");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=842858");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843059");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843061");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843064");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843161");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843165");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843462");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843529");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=843845");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=844414");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=844417");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=844678");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=844796");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=844806");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845060");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845096");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845198");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845224");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845576");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845580");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845613");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845668");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=845995");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=846251");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=846482");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=846719");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=847002");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=847115");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=847858");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=848038");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=849224");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=850342");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=850790");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=851080");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=851142");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=851512");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=852006");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=852119");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=852167");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=852199");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=852316");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=852388");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=852791");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=852804");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853056");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853229");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853356");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853445");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=853995");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=854697");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=855184");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=855267");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=855406");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=856220");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857078");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857230");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857274");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857499");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857539");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857550");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857574");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857720");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857727");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=857842");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858011");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858013");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858038");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858193");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858277");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858358");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858360");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858363");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858661");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858678");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858682");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858706");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=858960");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=859329");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=859407");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=859415");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=859442");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=859604");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=859784");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=859963");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=860251");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=860421");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=860702");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=860709");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=862441");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=862997");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=863187");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=863252");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=864216");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=864372");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=864936");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=864999");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=865528");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=865811");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=869575");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=871086");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=872096");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=872305");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=872487");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=873850");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=874160");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=874185");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=874768");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=882129");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=882138");
# https://access.redhat.com/security/data/csaf/v2/advisories/2012/rhsa-2012_1543.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e122d4ae");
script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2012:1543");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-5603");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2012-4574");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vendor_severity", value:"Important");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/12/04");
script_set_attribute(attribute:"patch_publication_date", value:"2012/12/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/04/27");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:candlepin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:candlepin-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:candlepin-selinux");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:candlepin-tomcat6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gofer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gofer-package");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:gofer-watchdog");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:grinder");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-agent");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-all");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-api-docs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-certs-tools");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-cli-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-cli-tests");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-configure");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-glue-candlepin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-glue-pulp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:katello-selinux");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-admin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-client-lib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-consumer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pulp-selinux-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:python-gofer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:quartz");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:rubygem-apipie-rails");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Red Hat Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "redhat_repos.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
include('rhel.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RedHat/release');
if (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');
var os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
os_ver = os_ver[1];
if (!rhel_check_release_list(operator: 'ge', os_version: os_ver, rhel_versions: ['5','6'])) audit(AUDIT_OS_NOT, 'Red Hat 5.x / 6.x', 'Red Hat ' + os_ver);
if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
var constraints = [
{
'repo_relative_urls': [
'content/dist/rhel/server/5/5Server/i386/cf-tools/1/os',
'content/dist/rhel/server/5/5Server/i386/cf-tools/1/source/SRPMS',
'content/dist/rhel/server/5/5Server/x86_64/cf-tools/1/os',
'content/dist/rhel/server/5/5Server/x86_64/cf-tools/1/source/SRPMS'
],
'pkgs': [
{'reference':'gofer-0.66.1-2.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'gofer-package-0.66.1-2.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'gofer-watchdog-0.66.1-2.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-agent-1.1.2-1.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'python-gofer-0.66.1-2.el5', 'release':'5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'}
]
},
{
'repo_relative_urls': [
'content/dist/rhel/server/6/6Server/i386/cf-tools/1/debug',
'content/dist/rhel/server/6/6Server/i386/cf-tools/1/os',
'content/dist/rhel/server/6/6Server/i386/cf-tools/1/source/SRPMS',
'content/dist/rhel/server/6/6Server/x86_64/cf-se/1/debug',
'content/dist/rhel/server/6/6Server/x86_64/cf-se/1/os',
'content/dist/rhel/server/6/6Server/x86_64/cf-se/1/source/SRPMS',
'content/dist/rhel/server/6/6Server/x86_64/cf-tools/1/debug',
'content/dist/rhel/server/6/6Server/x86_64/cf-tools/1/os',
'content/dist/rhel/server/6/6Server/x86_64/cf-tools/1/source/SRPMS'
],
'pkgs': [
{'reference':'gofer-0.66.1-2.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'gofer-package-0.66.1-2.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'gofer-watchdog-0.66.1-2.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'python-gofer-0.66.1-2.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'}
]
},
{
'repo_relative_urls': [
'content/dist/rhel/server/6/6Server/i386/cf-tools/1/debug',
'content/dist/rhel/server/6/6Server/i386/cf-tools/1/os',
'content/dist/rhel/server/6/6Server/i386/cf-tools/1/source/SRPMS',
'content/dist/rhel/server/6/6Server/x86_64/cf-tools/1/debug',
'content/dist/rhel/server/6/6Server/x86_64/cf-tools/1/os',
'content/dist/rhel/server/6/6Server/x86_64/cf-tools/1/source/SRPMS'
],
'pkgs': [
{'reference':'katello-agent-1.1.2-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'}
]
},
{
'repo_relative_urls': [
'content/dist/rhel/server/6/6Server/x86_64/cf-se/1/debug',
'content/dist/rhel/server/6/6Server/x86_64/cf-se/1/os',
'content/dist/rhel/server/6/6Server/x86_64/cf-se/1/source/SRPMS'
],
'pkgs': [
{'reference':'candlepin-0.7.8.1-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'candlepin-devel-0.7.8.1-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'candlepin-selinux-0.7.8.1-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'candlepin-tomcat6-0.7.8.1-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'grinder-0.0.150-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-1.1.12-22.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-all-1.1.12-22.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-api-docs-1.1.12-22.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-certs-tools-1.1.8-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-cli-1.1.8-12.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-cli-common-1.1.8-12.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-cli-tests-1.1.5-2.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-common-1.1.12-22.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-configure-1.1.9-12.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-glue-candlepin-1.1.12-22.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-glue-pulp-1.1.12-22.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'katello-selinux-1.1.1-2.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'pulp-1.1.14-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'pulp-admin-1.1.14-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'pulp-client-lib-1.1.14-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'pulp-common-1.1.14-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'pulp-consumer-1.1.14-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'pulp-selinux-server-1.1.14-1.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'quartz-2.1.5-4.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'},
{'reference':'rubygem-apipie-rails-0.0.11-3.el6cf', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'cfme-'}
]
}
];
var applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);
if(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);
var flag = 0;
foreach var constraint_array ( constraints ) {
var repo_relative_urls = NULL;
if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];
foreach var pkg ( constraint_array['pkgs'] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
var cves = NULL;
if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];
if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
if (reference &&
_release &&
rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&
(applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&
rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
}
}
if (flag)
{
var extra = NULL;
if (isnull(applicable_repo_urls) || !applicable_repo_urls) extra = rpm_report_get() + redhat_report_repo_caveat();
else extra = rpm_report_get();
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : extra
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'candlepin / candlepin-devel / candlepin-selinux / candlepin-tomcat6 / etc');
}
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | enterprise_linux | katello-configure | p-cpe:/a:redhat:enterprise_linux:katello-configure |
redhat | enterprise_linux | katello-glue-candlepin | p-cpe:/a:redhat:enterprise_linux:katello-glue-candlepin |
redhat | enterprise_linux | 5 | cpe:/o:redhat:enterprise_linux:5 |
redhat | enterprise_linux | 6 | cpe:/o:redhat:enterprise_linux:6 |
redhat | enterprise_linux | candlepin | p-cpe:/a:redhat:enterprise_linux:candlepin |
redhat | enterprise_linux | candlepin-devel | p-cpe:/a:redhat:enterprise_linux:candlepin-devel |
redhat | enterprise_linux | candlepin-selinux | p-cpe:/a:redhat:enterprise_linux:candlepin-selinux |
redhat | enterprise_linux | candlepin-tomcat6 | p-cpe:/a:redhat:enterprise_linux:candlepin-tomcat6 |
redhat | enterprise_linux | gofer | p-cpe:/a:redhat:enterprise_linux:gofer |
redhat | enterprise_linux | gofer-package | p-cpe:/a:redhat:enterprise_linux:gofer-package |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3538
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4574
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5603
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5605
www.nessus.org/u?9b3c4df9
www.nessus.org/u?b59a1d3b
www.nessus.org/u?e122d4ae
access.redhat.com/errata/RHSA-2012:1543
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=746765
bugzilla.redhat.com/show_bug.cgi?id=753128
bugzilla.redhat.com/show_bug.cgi?id=760180
bugzilla.redhat.com/show_bug.cgi?id=766694
bugzilla.redhat.com/show_bug.cgi?id=769559
bugzilla.redhat.com/show_bug.cgi?id=782954
bugzilla.redhat.com/show_bug.cgi?id=786176
bugzilla.redhat.com/show_bug.cgi?id=786226
bugzilla.redhat.com/show_bug.cgi?id=787184
bugzilla.redhat.com/show_bug.cgi?id=787305
bugzilla.redhat.com/show_bug.cgi?id=789139
bugzilla.redhat.com/show_bug.cgi?id=789535
bugzilla.redhat.com/show_bug.cgi?id=790138
bugzilla.redhat.com/show_bug.cgi?id=790342
bugzilla.redhat.com/show_bug.cgi?id=796047
bugzilla.redhat.com/show_bug.cgi?id=796972
bugzilla.redhat.com/show_bug.cgi?id=797299
bugzilla.redhat.com/show_bug.cgi?id=797321
bugzilla.redhat.com/show_bug.cgi?id=797412
bugzilla.redhat.com/show_bug.cgi?id=799538
bugzilla.redhat.com/show_bug.cgi?id=800529
bugzilla.redhat.com/show_bug.cgi?id=801454
bugzilla.redhat.com/show_bug.cgi?id=801580
bugzilla.redhat.com/show_bug.cgi?id=802925
bugzilla.redhat.com/show_bug.cgi?id=803548
bugzilla.redhat.com/show_bug.cgi?id=803702
bugzilla.redhat.com/show_bug.cgi?id=803728
bugzilla.redhat.com/show_bug.cgi?id=803761
bugzilla.redhat.com/show_bug.cgi?id=804127
bugzilla.redhat.com/show_bug.cgi?id=804555
bugzilla.redhat.com/show_bug.cgi?id=804610
bugzilla.redhat.com/show_bug.cgi?id=804685
bugzilla.redhat.com/show_bug.cgi?id=805027
bugzilla.redhat.com/show_bug.cgi?id=805412
bugzilla.redhat.com/show_bug.cgi?id=805627
bugzilla.redhat.com/show_bug.cgi?id=805709
bugzilla.redhat.com/show_bug.cgi?id=805956
bugzilla.redhat.com/show_bug.cgi?id=806076
bugzilla.redhat.com/show_bug.cgi?id=806078
bugzilla.redhat.com/show_bug.cgi?id=806083
bugzilla.redhat.com/show_bug.cgi?id=806353
bugzilla.redhat.com/show_bug.cgi?id=806879
bugzilla.redhat.com/show_bug.cgi?id=806940
bugzilla.redhat.com/show_bug.cgi?id=806969
bugzilla.redhat.com/show_bug.cgi?id=807288
bugzilla.redhat.com/show_bug.cgi?id=807291
bugzilla.redhat.com/show_bug.cgi?id=807468
bugzilla.redhat.com/show_bug.cgi?id=807804
bugzilla.redhat.com/show_bug.cgi?id=808172
bugzilla.redhat.com/show_bug.cgi?id=808437
bugzilla.redhat.com/show_bug.cgi?id=809259
bugzilla.redhat.com/show_bug.cgi?id=810378
bugzilla.redhat.com/show_bug.cgi?id=810945
bugzilla.redhat.com/show_bug.cgi?id=811556
bugzilla.redhat.com/show_bug.cgi?id=811564
bugzilla.redhat.com/show_bug.cgi?id=812417
bugzilla.redhat.com/show_bug.cgi?id=813675
bugzilla.redhat.com/show_bug.cgi?id=815308
bugzilla.redhat.com/show_bug.cgi?id=815802
bugzilla.redhat.com/show_bug.cgi?id=816935
bugzilla.redhat.com/show_bug.cgi?id=817123
bugzilla.redhat.com/show_bug.cgi?id=818204
bugzilla.redhat.com/show_bug.cgi?id=818261
bugzilla.redhat.com/show_bug.cgi?id=818370
bugzilla.redhat.com/show_bug.cgi?id=819593
bugzilla.redhat.com/show_bug.cgi?id=819941
bugzilla.redhat.com/show_bug.cgi?id=820373
bugzilla.redhat.com/show_bug.cgi?id=820385
bugzilla.redhat.com/show_bug.cgi?id=820624
bugzilla.redhat.com/show_bug.cgi?id=820626
bugzilla.redhat.com/show_bug.cgi?id=820630
bugzilla.redhat.com/show_bug.cgi?id=821345
bugzilla.redhat.com/show_bug.cgi?id=821644
bugzilla.redhat.com/show_bug.cgi?id=821929
bugzilla.redhat.com/show_bug.cgi?id=822119
bugzilla.redhat.com/show_bug.cgi?id=822484
bugzilla.redhat.com/show_bug.cgi?id=823688
bugzilla.redhat.com/show_bug.cgi?id=824069
bugzilla.redhat.com/show_bug.cgi?id=824581
bugzilla.redhat.com/show_bug.cgi?id=826581
bugzilla.redhat.com/show_bug.cgi?id=827087
bugzilla.redhat.com/show_bug.cgi?id=827108
bugzilla.redhat.com/show_bug.cgi?id=828447
bugzilla.redhat.com/show_bug.cgi?id=828533
bugzilla.redhat.com/show_bug.cgi?id=829208
bugzilla.redhat.com/show_bug.cgi?id=829437
bugzilla.redhat.com/show_bug.cgi?id=829794
bugzilla.redhat.com/show_bug.cgi?id=830176
bugzilla.redhat.com/show_bug.cgi?id=831664
bugzilla.redhat.com/show_bug.cgi?id=834006
bugzilla.redhat.com/show_bug.cgi?id=834013
bugzilla.redhat.com/show_bug.cgi?id=834242
bugzilla.redhat.com/show_bug.cgi?id=834646
bugzilla.redhat.com/show_bug.cgi?id=834697
bugzilla.redhat.com/show_bug.cgi?id=835586
bugzilla.redhat.com/show_bug.cgi?id=835591
bugzilla.redhat.com/show_bug.cgi?id=835875
bugzilla.redhat.com/show_bug.cgi?id=836339
bugzilla.redhat.com/show_bug.cgi?id=836575
bugzilla.redhat.com/show_bug.cgi?id=837000
bugzilla.redhat.com/show_bug.cgi?id=839005
bugzilla.redhat.com/show_bug.cgi?id=840616
bugzilla.redhat.com/show_bug.cgi?id=840624
bugzilla.redhat.com/show_bug.cgi?id=840625
bugzilla.redhat.com/show_bug.cgi?id=841000
bugzilla.redhat.com/show_bug.cgi?id=841289
bugzilla.redhat.com/show_bug.cgi?id=841300
bugzilla.redhat.com/show_bug.cgi?id=841310
bugzilla.redhat.com/show_bug.cgi?id=841686
bugzilla.redhat.com/show_bug.cgi?id=841691
bugzilla.redhat.com/show_bug.cgi?id=841984
bugzilla.redhat.com/show_bug.cgi?id=841998
bugzilla.redhat.com/show_bug.cgi?id=842003
bugzilla.redhat.com/show_bug.cgi?id=842005
bugzilla.redhat.com/show_bug.cgi?id=842010
bugzilla.redhat.com/show_bug.cgi?id=842252
bugzilla.redhat.com/show_bug.cgi?id=842256
bugzilla.redhat.com/show_bug.cgi?id=842271
bugzilla.redhat.com/show_bug.cgi?id=842569
bugzilla.redhat.com/show_bug.cgi?id=842838
bugzilla.redhat.com/show_bug.cgi?id=842858
bugzilla.redhat.com/show_bug.cgi?id=843059
bugzilla.redhat.com/show_bug.cgi?id=843061
bugzilla.redhat.com/show_bug.cgi?id=843064
bugzilla.redhat.com/show_bug.cgi?id=843161
bugzilla.redhat.com/show_bug.cgi?id=843165
bugzilla.redhat.com/show_bug.cgi?id=843462
bugzilla.redhat.com/show_bug.cgi?id=843529
bugzilla.redhat.com/show_bug.cgi?id=843845
bugzilla.redhat.com/show_bug.cgi?id=844414
bugzilla.redhat.com/show_bug.cgi?id=844417
bugzilla.redhat.com/show_bug.cgi?id=844678
bugzilla.redhat.com/show_bug.cgi?id=844796
bugzilla.redhat.com/show_bug.cgi?id=844806
bugzilla.redhat.com/show_bug.cgi?id=845060
bugzilla.redhat.com/show_bug.cgi?id=845096
bugzilla.redhat.com/show_bug.cgi?id=845198
bugzilla.redhat.com/show_bug.cgi?id=845224
bugzilla.redhat.com/show_bug.cgi?id=845576
bugzilla.redhat.com/show_bug.cgi?id=845580
bugzilla.redhat.com/show_bug.cgi?id=845613
bugzilla.redhat.com/show_bug.cgi?id=845668
bugzilla.redhat.com/show_bug.cgi?id=845995
bugzilla.redhat.com/show_bug.cgi?id=846251
bugzilla.redhat.com/show_bug.cgi?id=846482
bugzilla.redhat.com/show_bug.cgi?id=846719
bugzilla.redhat.com/show_bug.cgi?id=847002
bugzilla.redhat.com/show_bug.cgi?id=847115
bugzilla.redhat.com/show_bug.cgi?id=847858
bugzilla.redhat.com/show_bug.cgi?id=848038
bugzilla.redhat.com/show_bug.cgi?id=849224
bugzilla.redhat.com/show_bug.cgi?id=850342
bugzilla.redhat.com/show_bug.cgi?id=850790
bugzilla.redhat.com/show_bug.cgi?id=851080
bugzilla.redhat.com/show_bug.cgi?id=851142
bugzilla.redhat.com/show_bug.cgi?id=851512
bugzilla.redhat.com/show_bug.cgi?id=852006
bugzilla.redhat.com/show_bug.cgi?id=852119
bugzilla.redhat.com/show_bug.cgi?id=852167
bugzilla.redhat.com/show_bug.cgi?id=852199
bugzilla.redhat.com/show_bug.cgi?id=852316
bugzilla.redhat.com/show_bug.cgi?id=852388
bugzilla.redhat.com/show_bug.cgi?id=852791
bugzilla.redhat.com/show_bug.cgi?id=852804
bugzilla.redhat.com/show_bug.cgi?id=853056
bugzilla.redhat.com/show_bug.cgi?id=853229
bugzilla.redhat.com/show_bug.cgi?id=853356
bugzilla.redhat.com/show_bug.cgi?id=853445
bugzilla.redhat.com/show_bug.cgi?id=853995
bugzilla.redhat.com/show_bug.cgi?id=854697
bugzilla.redhat.com/show_bug.cgi?id=855184
bugzilla.redhat.com/show_bug.cgi?id=855267
bugzilla.redhat.com/show_bug.cgi?id=855406
bugzilla.redhat.com/show_bug.cgi?id=856220
bugzilla.redhat.com/show_bug.cgi?id=857078
bugzilla.redhat.com/show_bug.cgi?id=857230
bugzilla.redhat.com/show_bug.cgi?id=857274
bugzilla.redhat.com/show_bug.cgi?id=857499
bugzilla.redhat.com/show_bug.cgi?id=857539
bugzilla.redhat.com/show_bug.cgi?id=857550
bugzilla.redhat.com/show_bug.cgi?id=857574
bugzilla.redhat.com/show_bug.cgi?id=857720
bugzilla.redhat.com/show_bug.cgi?id=857727
bugzilla.redhat.com/show_bug.cgi?id=857842
bugzilla.redhat.com/show_bug.cgi?id=858011
bugzilla.redhat.com/show_bug.cgi?id=858013
bugzilla.redhat.com/show_bug.cgi?id=858038
bugzilla.redhat.com/show_bug.cgi?id=858193
bugzilla.redhat.com/show_bug.cgi?id=858277
bugzilla.redhat.com/show_bug.cgi?id=858358
bugzilla.redhat.com/show_bug.cgi?id=858360
bugzilla.redhat.com/show_bug.cgi?id=858363
bugzilla.redhat.com/show_bug.cgi?id=858661
bugzilla.redhat.com/show_bug.cgi?id=858678
bugzilla.redhat.com/show_bug.cgi?id=858682
bugzilla.redhat.com/show_bug.cgi?id=858706
bugzilla.redhat.com/show_bug.cgi?id=858960
bugzilla.redhat.com/show_bug.cgi?id=859329
bugzilla.redhat.com/show_bug.cgi?id=859407
bugzilla.redhat.com/show_bug.cgi?id=859415
bugzilla.redhat.com/show_bug.cgi?id=859442
bugzilla.redhat.com/show_bug.cgi?id=859604
bugzilla.redhat.com/show_bug.cgi?id=859784
bugzilla.redhat.com/show_bug.cgi?id=859963
bugzilla.redhat.com/show_bug.cgi?id=860251
bugzilla.redhat.com/show_bug.cgi?id=860421
bugzilla.redhat.com/show_bug.cgi?id=860702
bugzilla.redhat.com/show_bug.cgi?id=860709
bugzilla.redhat.com/show_bug.cgi?id=862441
bugzilla.redhat.com/show_bug.cgi?id=862997
bugzilla.redhat.com/show_bug.cgi?id=863187
bugzilla.redhat.com/show_bug.cgi?id=863252
bugzilla.redhat.com/show_bug.cgi?id=864216
bugzilla.redhat.com/show_bug.cgi?id=864372
bugzilla.redhat.com/show_bug.cgi?id=864936
bugzilla.redhat.com/show_bug.cgi?id=864999
bugzilla.redhat.com/show_bug.cgi?id=865528
bugzilla.redhat.com/show_bug.cgi?id=865811
bugzilla.redhat.com/show_bug.cgi?id=869575
bugzilla.redhat.com/show_bug.cgi?id=871086
bugzilla.redhat.com/show_bug.cgi?id=872096
bugzilla.redhat.com/show_bug.cgi?id=872305
bugzilla.redhat.com/show_bug.cgi?id=872487
bugzilla.redhat.com/show_bug.cgi?id=873850
bugzilla.redhat.com/show_bug.cgi?id=874160
bugzilla.redhat.com/show_bug.cgi?id=874185
bugzilla.redhat.com/show_bug.cgi?id=874768
bugzilla.redhat.com/show_bug.cgi?id=882129
bugzilla.redhat.com/show_bug.cgi?id=882138