|
|
Subscribe / Log in / New account

sosreport: two vulnerabilities

Package(s):sosreport CVE #(s):CVE-2014-3925 CVE-2015-7529
Created:December 18, 2015 Updated:February 17, 2016
Description: From the Ubuntu advisory:

Dolev Farhi discovered an information disclosure issue in SoS. If the /etc/fstab file contained passwords, the passwords were included in the SoS report. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-3925)

Mateusz Guzik discovered that SoS incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files or gain access to temporary file contents containing sensitive system information. (CVE-2015-7529)

Alerts:
Fedora FEDORA-2015-84b1635e90 sos 2015-12-28
Scientific Linux SLSA-2016:0188-1 sos 2016-02-16
Oracle ELSA-2016-0188 sos 2016-02-16
CentOS CESA-2016:0188 sos 2016-02-17
Red Hat RHSA-2016:0188-01 sos 2016-02-16
Scientific Linux SLSA-2016:0152-1 sos 2016-02-09
Oracle ELSA-2016-0152 sos 2016-02-09
CentOS CESA-2016:0152 sos 2016-02-10
Red Hat RHSA-2016:0152-01 sos 2016-02-09
Ubuntu USN-2845-1 sosreport 2015-12-17
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds