0.004 Low
EPSS
Percentile
72.2%
sosreport is vulnerable to information disclosure. If a malicious user can get access to the technical-support data stream and if the /etc/fstab file contains passwords, the sensitive information can be disclosed.
/etc/fstab
openwall.com/lists/oss-security/2014/05/29/6
openwall.com/lists/oss-security/2014/05/30/3
www.ubuntu.com/usn/USN-2845-1
bugzilla.redhat.com/show_bug.cgi?id=1102633
github.com/sosreport/sos/commit/7b46d34654735d925bcb2a3e4b27b65dce994519
usn.ubuntu.com/usn/USN-2845-1/