A flaw was found in the way RHN Satellite rewrote certain URLs. An unauthenticated user could use a specially-crafted HTTP request to obtain sensitive information about the host system RHN Satellite was running on. They could also use RHN Satellite as a distributed denial of service tool, forcing it to connect to an arbitrary service at an arbitrary IP address via a specially-crafted HTTP request.
The preliminary embargo date for this issue has been set to Monday, 9th of May, 2011.
(In reply to comment #25) The preliminary embargo date for this issue has been moved to an earlier date, Monday, 11th of April, 2011.
This issue has been addressed in the following products:

  Red Hat Network Satellite Server v 5.3
  Red Hat Network Satellite Server v 5.4

Via RHSA-2011:0434 https://rhn.redhat.com/errata/RHSA-2011-0434.html
Created spacewalk-backend tracking bugs for this issue

Affects: fedora-all [bug 695494]