CVE-2003-0546 Information

Description

up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network if that network is compromised.

Reference

http://marc.info/?l=bugtraq&m=106036724315539&w=2 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A631