Oval Definition:	oval:org.mitre.oval:def:21127
Revision Date: 2014-02-17 Version: 11 Title: RHSA-2013:0250: elinks security update (Moderate) Description: The http_negotiate_create_context function in protocol/http/http_negotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2013:0250 CVE-2012-4545 RHSA-2013:0250-01 Platform(s): CentOS Linux 5 CentOS Linux 6 Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Product(s): elinks Definition Synopsis Operation system section elinks is earlier than 0:0.12-0.21.pre5.el6_3 AND Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 OR The operating system installed on the system is CentOS Linux 6.x Operation system section Redhat 5 or Centos 5 release The operating system installed on the system is Red Hat Enterprise Linux 5 OR The operating system installed on the system is CentOS Linux 5.x AND elinks is earlier than 0:0.11.1-8.el5_9
BACK