Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Sos Security Vulnerabilities - February

cve
cve

CVE-2011-4083

The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement in an archive of debugging information, which might allow remote attackers to obtain sensitive info...

6AI Score

0.001EPSS

2014-02-17 04:55 PM
32
cve
cve

CVE-2012-2664

The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file (/root/anaconda-ks.cfg) when creating an archive of debugging information, which might allow attackers to obtain passwords or password hashes.

6.2AI Score

0.004EPSS

2012-06-29 07:55 PM
41
cve
cve

CVE-2014-3925

sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive info...

7.2AI Score

0.004EPSS

2014-06-01 04:29 AM
37