powerpc-utils: snap creates archives with fstab and yaboot.conf which may expose certain passwords

A flaw was found in the way the snap utility of powerpc-utils generated an archive containing a configuration snapshot of a service. A local attacker could obtain sensitive information from the generated archive such as plain text passwords...

PT-2015-4023 · Python +1 · Powerpc-Utils-Python +1

Name of the Vulnerable Software and Affected Versions: powerpc-utils-python affected versions not specified Description: The issue arises from the unsafe use of the pickle Python module in the amsnet.py script, allowing remote attackers to execute arbitrary code via a crafted serialized object...

Powerpc-utils Remote Code Execution Vulnerability

powerpc-utils is a toolkit that provides support and maintenance for Linux on Power. A remote code execution vulnerability exists in powerpc-utils, which can be exploited by an attacker to execute arbitrary code or launch a denial-of-service attack in the context of an affected application...

SUSE-SU-2015:0232-1 Security update for powerpc-utils

powerpc-utils was updated to fix one security issue. This security issue was fixed: - May expose passwords from fstab or yaboot.con CVE-2014-4040. This additional fix was included: - LPAR crashes when drmgr attempts to offline last remaining cpu core bnc901216...