Lucene search
K

5 matches found

Veracode
Veracode
added 2019/01/15 8:52 a.m.15 views

Sensitive Information Leakage

The sos package has a sensitive information leakage vulnerability. During archival of debugging information, the package does not remove the root user password information stored in the Kickstart configuration file /root/anaconda-ks.cfg it leaves the root user password information from the...

4.3CVSS5.7AI score0.01429EPSS
Exploits0References18Affected Software1
OpenVAS
OpenVAS
added 2013/08/01 12:0 a.m.37 views

CentOS Update for sos CESA-2013:1121 centos5

Check for the Version of sos OpenVAS Vulnerability Test CentOS Update for sos CESA-2013:1121 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

4.3CVSS6.4AI score0.01429EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/07/31 12:0 a.m.29 views

Scientific Linux Security Update : sos on SL5.x (noarch) (20130730)

The sosreport utility collected the Kickstart configuration file '/root /anaconda-ks.cfg', but did not remove the root user's password from it before adding the file to the resulting archive of debugging information. An attacker able to access the archive could possibly use this flaw to obtain th...

4.3CVSS5.4AI score0.01429EPSS
Exploits0References2
NVD
NVD
added 2012/06/29 7:55 p.m.18 views

CVE-2012-2664

The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file /root/anaconda-ks.cfg when creating an archive of debugging information, which might allow attackers to obtain passwords or password hashes...

4.3CVSS6.2AI score0.01429EPSS
Exploits0References5
Prion
Prion
added 2012/06/29 7:55 p.m.13 views

Default credentials

The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file /root/anaconda-ks.cfg when creating an archive of debugging information, which might allow attackers to obtain passwords or password hashes...

4.3CVSS6.7AI score0.01429EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder