CVE-2012-0059 Information

Description

Spacewalk-backend in Red Hat Network (RHN) Satellite and Proxy 5.4 includes cleartext user passwords in an error message when a system registration XML-RPC call fails which allows remote administrators to obtain the password by reading (1) the server log and (2) an email.

Reference

http://rhn.redhat.com/errata/RHSA-2012-0101.html http://rhn.redhat.com/errata/RHSA-2012-0102.html