VYPR

Sos

by Red Hat

CVEs (3)

  • CVE-2014-3925Jun 1, 2014
    risk 0.00cvss epss 0.02

    sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to…

  • CVE-2011-4083Feb 17, 2014
    risk 0.00cvss epss 0.01

    The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement in an archive of debugging information, which might allow remote attackers to…

  • CVE-2012-2664Jun 29, 2012
    risk 0.00cvss epss 0.01

    The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file (/root/anaconda-ks.cfg) when creating an archive of debugging information, which might allow attackers to obtain passwords or…