Rapid7 Vulnerability & Exploit Database

RHSA-2008:1001: tog-pegasus security update


Severity: 7
CVSS: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published: 11/26/2008
Created: 07/25/2018
Added: 02/22/2009
Modified: 07/04/2017

Description

The tog-pegasus packages provide OpenPegasus Web-Based Enterprise Management (WBEM) services. WBEM is a platform and resource independent Distributed Management Task Force (DMTF) standard that defines a common information model and communication protocol for monitoring and controlling resources.

Red Hat defines additional security enhancements for OpenGroup Pegasus WBEM services in addition to those defined by the upstream OpenGroup Pegasus release. For details regarding these enhancements, refer to the file "README.RedHat.Security", included in the Red Hat tog-pegasus package.

After re-basing to version 2.7.0 of the OpenGroup Pegasus code, these additional security enhancements were no longer being applied. As a consequence, access to OpenPegasus WBEM services was not restricted to the dedicated users as described in README.RedHat.Security. An attacker able to authenticate using a valid user account could use this flaw to send requests to WBEM services. (CVE-2008-4313)

Note: default SELinux policy prevents tog-pegasus from modifying system files. This flaw's impact depends on whether or not tog-pegasus is confined by SELinux, and on any additional CMPI providers installed and enabled on a particular system.

Failed authentication attempts against the OpenPegasus CIM server were not logged to the system log as documented in README.RedHat.Security. An attacker could use this flaw to perform password guessing attacks against a user account without leaving traces in the system log. (CVE-2008-4315)

All tog-pegasus users are advised to upgrade to these updated packages, which contain patches to correct these issues.

Solution(s)

  • redhat-upgrade-tog-pegasus
  • redhat-upgrade-tog-pegasus-devel
