Red Hat Security Advisory 2016-1484-01 - Red Hat Satellite is a system management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and the remote management of multiple Linux deployments with a single, centralized tool. Security Fix: A stored cross-site scripting flaw was found in the way spacewalk-java displayed monitoring probes. An attacker can embed HTML and Javascript in the values for RHNMD User or Filesystem parameters in Satellite, allowing them to inject malicious content into the web page that is then displayed with that probe data.
fca385e1adee4c3355af668685e712abb94dffc828ffdb015bcc0eb5969e0c41
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: spacewalk-java security and bug fix update
Advisory ID: RHSA-2016:1484-01
Product: Red Hat Satellite
Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1484.html
Issue date: 2016-07-26
CVE Names: CVE-2016-3080 CVE-2016-3097
=====================================================================
1. Summary:
An update for spacewalk-java is now available for Red Hat Satellite 5.7.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Satellite 5.7 (RHEL v.6) - noarch
3. Description:
Red Hat Satellite is a system management tool for Linux-based
infrastructures. It allows for provisioning, monitoring, and the remote
management of multiple Linux deployments with a single, centralized tool.
Security Fix(es):
* A stored cross-site scripting (XSS) flaw was found in the way
spacewalk-java displayed monitoring probes. An attacker can embed HTML and
Javascript in the values for RHNMD User or Filesystem parameters in
Satellite, allowing them to inject malicious content into the web page that
is then displayed with that probe data. (CVE-2016-3080)
* A stored cross-site scripting (XSS) flaw was found in the way
spacewalk-java displayed group names. An attacker can embed HTML and
Javascript in the values for group names in Satellite, allowing them to
inject malicious content into the web page that is then displayed when
viewing the snapshot data. (CVE-2016-3097)
These issues were discovered by Jan HutaA (Red Hat).
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
For this update to take effect, Red Hat Satellite must be restarted
("/usr/sbin/rhn-satellite restart").
5. Bugs fixed (https://bugzilla.redhat.com/):
1320942 - CVE-2016-3080 spacewalk-monitoring: XSS issue in monitoring probe
1322710 - XSS when you create group with HTML via SSM or API and checks snapshot with this group join/leave
1322747 - CVE-2016-3097 spacewalk-java: Multiple XSS flaws
6. Package List:
Red Hat Satellite 5.7 (RHEL v.6):
Source:
spacewalk-java-2.3.8-147.el6sat.src.rpm
noarch:
spacewalk-java-2.3.8-147.el6sat.noarch.rpm
spacewalk-java-config-2.3.8-147.el6sat.noarch.rpm
spacewalk-java-lib-2.3.8-147.el6sat.noarch.rpm
spacewalk-java-oracle-2.3.8-147.el6sat.noarch.rpm
spacewalk-java-postgresql-2.3.8-147.el6sat.noarch.rpm
spacewalk-taskomatic-2.3.8-147.el6sat.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2016-3080
https://access.redhat.com/security/cve/CVE-2016-3097
https://access.redhat.com/security/updates/classification/#moderate
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iD8DBQFXlyjlXlSAg2UNWIIRApqsAKCW78XzQ565Q9/lSnGM/5ouXWKpMACeKQMI
G0EVlAKbBgmdI0x4boIBCZ8=
=lC7I
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce