VYPR

Yum Rhn Plugin

by Red Hat

CVEs (2)

  • CVE-2010-1439Jun 7, 2010
    risk 0.00cvss epss 0.00

    yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (RHEL) 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, which allows local users to access the Red Hat Network profile, and possibly…

  • CVE-2008-3270Aug 18, 2008
    risk 0.00cvss epss 0.01

    yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify the SSL certificate for a file download from a Red Hat Network (RHN) server, which makes it easier for remote man-in-the-middle attackers to cause a denial of service (loss of updates) or force the download and…