SoS 安全漏洞

SoS is sosreport open source an extensible , portable , support data collection tool . Used to collect system logs and other debugging information. SoS suffers from a security vulnerability that stems from ovirt-log-collector/sosreport collecting unfiltered RHV administrator passwords...

CentOS Update for sos CESA-2016:0188 centos7

Check the version of sos SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882393";...

UBUNTU-CVE-2014-3925

sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux RHEL 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...

sos: sosreport is gathering certificate-based RHN entitlement private keys

The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes 1 Certificate-based Red Hat Network private entitlement keys and the 2 private key for the entitlement in an archive of debugging information, which might allow remote attackers to obtain sensitive...