672167 – (CVE-2011-1594) CVE-2011-1594 RHN Satellite / Spacewalk: login page open redirect via url_bounce

Bug 672167 (CVE-2011-1594) - CVE-2011-1594 RHN Satellite / Spacewalk: login page open redirect via url_bounce

Summary: CVE-2011-1594 RHN Satellite / Spacewalk: login page open redirect via url_bounce

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2011-1594
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	730928
Blocks:	713496
TreeView+	depends on / blocked

Reported:	2011-01-24 09:44 UTC by Jan Lieskovsky
Modified:	2023-05-11 16:50 UTC (History)
CC List:	8 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-09-15 21:18:24 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2011:1299	0	normal	SHIPPED_LIVE	Moderate: Red Hat Network Satellite server security and enhancement update	2011-09-15 17:54:55 UTC

Description Jan Lieskovsky 2011-01-24 09:44:10 UTC

Open redirect vulnerability in Red Hat Network Satellite
and Spacewalk software content management services allows
remote attackers to redirect users to arbitrary web sites
and conduct phishing attacks via a URL in the url_bounce
parameter. 

Acknowledgements:

Red Hat would like to thank Thomas Biege of the SuSE Security Team
for reporting this issue.

Comment 11 Jan Lieskovsky 2011-04-20 16:19:51 UTC

The CVE identifier of CVE-2011-1594 has been assigned to this issue.

Comment 15 Tomas Hoger 2011-08-19 07:47:56 UTC

This is already public via SUSE advisory:
http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00007.html
http://support.novell.com/security/cve/CVE-2011-1594.html

Comment 17 errata-xmlrpc 2011-09-15 17:55:44 UTC

This issue has been addressed in following products:

  Red Hat Network Satellite Server v 5.4

Via RHSA-2011:1299 https://rhn.redhat.com/errata/RHSA-2011-1299.html

Comment 18 Michael Mráka 2011-09-16 09:22:38 UTC

The issue has been addressed in Spacewalk master by
commit e23b716fe82672c143177275799985ce56dc468d
    CVE-2011-1594, 672167 - only local redirects are allowed

Fixed package: spacewalk-java-1.6.46-1

Note You need to log in before you can comment on or make changes to this bug.