3 matches found
Ubuntu 14.04 LTS : SoS vulnerabilities (USN-2845-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2845-1 advisory. Dolev Farhi discovered an information disclosure issue in SoS. If the /etc/fstab file contained passwords, the passwords were included in the SoS report...
CVE-2014-3925
CVE-2014-3925 affects sosreport in Red Hat sos 1.7 and earlier on RHEL 5, where the generated archive may contain an fstab with cleartext passwords and lacks a warning to review for passwords, enabling potential sensitive-information disclosure if an attacker can access the technical-support data...
CVE-2014-3925
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux RHEL 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...