Lucene search
RedhatCVELIST:CVE-2011-3589HistoryFeb 15, 2014 - 11:00 a.m.
CVE-2011-3589
2014-02-1511:00:00
redhat
www.cve.org
5
The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, uses world-readable permissions for vmcore files, which allows local users to obtain sensitive information by inspecting the file content, as demonstrated by a search for a root SSH key.
Related
cve
cve
CVE-2011-3589
2014-02-15 14:57:07
seebug
seebug
Linux系统kexec-tools mkdumprd工具信息泄露漏洞
2011-12-08 00:00:00
debiancve
debiancve
CVE-2011-3589
2014-02-15 14:57:07
prion
prion
Code injection
2014-02-15 14:57:00
veracode
veracode
Information Disclosure
2020-04-10 01:09:03
ubuntucve
ubuntucve
CVE-2011-3589
2014-02-15 00:00:00
nvd
nvd
CVE-2011-3589
2014-02-15 14:57:07
redhat
redhat
nessus
nessus
RHEL 6 : kexec-tools (RHSA-2011:1532)
2011-12-06 00:00:00
RHEL 5 : kexec-tools (RHSA-2012:0152)
2012-02-21 00:00:00
oraclelinux
oraclelinux
kexec-tools security, bug fix, and enhancement update
2012-03-01 00:00:00
kexec-tools security, bug fix, and enhancement update
2011-12-14 00:00:00
openvas
openvas
RedHat Update for kexec-tools RHSA-2012:0152-03
2012-02-21 00:00:00
Oracle: Security Advisory (ELSA-2011-1532)
2015-10-06 00:00:00
RedHat Update for kexec-tools RHSA-2011:1532-03
2012-07-09 00:00:00