PT-2012-3097 · Red Hat+1 · Red Hat Network Satellite+2

Published: 2012-06-16 · Updated: 2022-02-03 · CVE-2012-1145

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6

Description

The issue is related to improper authorization or authentication of uploads to the NULL organization when mod_wsgi is used. This allows remote attackers to cause a denial of service through a large number of package uploads, which consume disk space in the /var partition and cause updates to fail.

Recommendations

For Red Hat Network Satellite 5.4 on Red Hat Enterprise Linux 6, consider restricting access to the upload functionality to prevent unauthorized uploads until a proper fix is available. As a temporary workaround, closely monitor disk space in the /var partition and the update processes to minimize the risk of exploitation.

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

CVE-2012-1145
RHSA-2012:0436

Affected Products

Red Hat
Red Hat Network Satellite
Mod Wsgi