8 matches found
Information Disclosure
sosreport is vulnerable to information disclosure. If a malicious user can get access to the technical-support data stream and if the /etc/fstab file contains passwords, the sensitive information can be disclosed...
IBM General Parallel File System Information Disclosure Vulnerability
IBM General Parallel File System GPFS is a scalable, highly available, high-performance enterprise file management system optimized for petabyte-scale storage management from IBM in the United States. A security vulnerability exists in the /usr/lpp/mmfs/bin/gpfs.snap file in IBM GPFS version 4.1....
CVE-2014-4040
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a...
CVE-2014-4040
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a...
Design/Logic Flaw
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux RHEL 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
CVE-2014-3925
CVE-2014-3925 affects sosreport in Red Hat sos 1.7 and earlier on RHEL 5, where the generated archive may contain an fstab with cleartext passwords and lacks a warning to review for passwords, enabling potential sensitive-information disclosure if an attacker can access the technical-support data...
UBUNTU-CVE-2014-3925
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux RHEL 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...
CVE-2014-3925
sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux RHEL 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive...