Oval Definition:
oval:org.mitre.oval:def:631
Revision Date
:
2007-04-25
Version
:
17
Title
:
up2date RPM GPG Signature Verification Vulnerability
Description
:
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2003-0546
Platform(s)
:
Red Hat Linux 9
Product(s)
:
up2date
Definition Synopsis
Software section
Red Hat 9 is installed
AND
ix86 architecture
AND
up2date version is less than 3.1.23.1-5
AND
Configuration section
rhnsd is running
BACK