up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2003-08-14T04:00:00
Updated: 2024-08-08T01:58:11.060Z
Reserved: 2003-07-14T00:00:00
Link: CVE-2003-0546
Vulnrichment
No data.
NVD
Status : Modified
Published: 2003-08-27T04:00:00.000
Modified: 2024-11-20T23:44:59.407
Link: CVE-2003-0546
Redhat