16 matches found
MiracleLinux 7 : sos-3.2-35.3.0.1.el7.AXS7 (AXSA:2016-110:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-110:01 advisory. Sos is a set of tools that gathers information about system hardware and configuration. The information can then be used for diagnostic purposes and debugging...
MiracleLinux 4 : sos-3.2-28.2.0.1.AXS4 (AXSA:2016-073:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-073:01 advisory. Sos is a set of tools that gathers information about system hardware and configuration. The information can then be used for diagnostic purposes and debugging...
Linux Distros Unpatched Vulnerability : CVE-2015-7529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a...
RHEL 5 : sos (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - sos: Usage of predictable temporary files allows privilege escalation CVE-2015-7529 Note that Nessus has not tested...
CVE-2015-7529
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date...
CVE-2015-7529
CVE-2015-7529 concerns sosreport in SoS 3.x where a local attacker can read sensitive data from sosreport archives or gain privileges via a symlink attack on temporary archive files (example: sosreport-$hostname-$date.tar in /tmp). Root cause: use of predictable temporary file names in sosreport’...
Medium: sos
Issue Overview: An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their...
Fedora 23 : sos-3.2-2.fc23 (2015-84b1635e90)
Security fix for CVE-2015-7529 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
RHEL 7 : sos (RHSA-2016:0188)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2016:0188 advisory. The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be...
Scientific Linux Security Update : sos on SL7.x (noarch) (20160216)
An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the...
RedHat Update for sos RHSA-2016:0188-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for sos CESA-2016:0152 centos6
Check the version of sos SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882390";...
CentOS 6 : sos (CESA-2016:0152)
An updated sos package that fixes one security issue and one bug is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RedHat Update for sos RHSA-2016:0152-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : SoS vulnerabilities (USN-2845-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2845-1 advisory. Dolev Farhi discovered an information disclosure issue in SoS. If the /etc/fstab file contained passwords, the passwords were included in the SoS report...
UBUNTU-CVE-2015-7529
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date...