5 matches found
EUVD-2014-3971
Malware in sbrugna...
SUSE-RU-2015:0574-1 Security update for powerpc-utils
The 'snap' system information collection tool of the PowerPC Utils package collected fstab and yaboot.conf files which might contain passwords. CVE-2014-4040 As these files are of interest, we now print a warning that the user of the 'snap' tool should check if private passwords are in those file...
DEBIAN-CVE-2014-4040
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a...
UBUNTU-CVE-2014-4040
snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a...
CVE-2014-4039
ppc64-diag 2.6.1 uses 0775 permissions for /tmp/diagSEsnap and does not properly restrict permissions for /tmp/diagSEsnap/snapH.tar.gz, which allows local users to obtain sensitive information by reading files in this archive, as demonstrated by /var/log/messages and /etc/yaboot.conf...