Oval Definition:oval:com.redhat.rhsa:def:20110394
Revision Date:2011-03-28Version:638
Title:RHSA-2011:0394: conga security update (Important)
Description:The conga packages provide a web-based administration tool for remote cluster and storage management.

  • A privilege escalation flaw was found in luci, the Conga web-based administration application. A remote attacker could possibly use this flaw to obtain administrative access, allowing them to read, create, or modify the content of the luci application. (CVE-2011-0720)

    Users of Conga are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, luci must be restarted ("service luci restart") for the update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2011-0720
    RHSA-2011:0394
    RHSA-2011:0394-01
    RHSA-2011:0394-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • luci is earlier than 0:0.12.2-24.el5_6.1
  • AND luci is signed with Red Hat redhatrelease2 key
  • ricci is earlier than 0:0.12.2-24.el5_6.1
  • AND ricci is signed with Red Hat redhatrelease2 key
    • BACK