Lucene search
K

4 matches found

CVE
CVE
added 2014/06/01 1:0 a.m.76 views

CVE-2014-3925

CVE-2014-3925 affects sosreport in Red Hat sos 1.7 and earlier on RHEL 5, where the generated archive may contain an fstab with cleartext passwords and lacks a warning to review for passwords, enabling potential sensitive-information disclosure if an attacker can access the technical-support data...

5CVSS7.2AI score0.02152EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2014/02/17 4:55 p.m.11 views

CVE-2011-4083

The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes 1 Certificate-based Red Hat Network private entitlement keys and the 2 private key for the entitlement in an archive of debugging information, which might allow remote attackers to obtain sensitive...

4.3CVSS6AI score0.00994EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/02/17 4:0 p.m.22 views

CVE-2011-4083

The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes 1 Certificate-based Red Hat Network private entitlement keys and the 2 private key for the entitlement in an archive of debugging information, which might allow remote attackers to obtain sensitive...

5.9AI score0.00994EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2013/07/30 4:56 p.m.7 views

sosreport does not blank root password in anaconda plugin

The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file /root/anaconda-ks.cfg when creating an archive of debugging information, which might allow attackers to obtain passwords or password hashes...

4.3CVSS5.8AI score0.01429EPSS
Exploits0References4
Rows per page
Query Builder