PT-2014-2156 · Red Hat · Sos+1

Publicado

2011-12-05

Atualizado

2014-02-19

CVE-2011-4083

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Red Hat sos package versions prior to 1.7-9 Red Hat sos package versions 2.x prior to 2.2-17

Description The sosreport utility includes sensitive information, such as certificate-based Red Hat Network private entitlement keys and the private key for the entitlement, in an archive of debugging information. This could allow remote attackers to obtain sensitive information by reading the archive.

Recommendations For Red Hat sos package versions prior to 1.7-9, update to version 1.7-9 or later. For Red Hat sos package versions 2.x prior to 2.2-17, update to version 2.2-17 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-310

Identificadores relacionados

CVE-2011-4083

RHSA-2011:1536

RHSA-2011_1536

RHSA-2012:0153

RHSA-2012_0153

Produtos afetados

Red Hat

Sos

PT-2014-2156 · Red Hat · Sos+1

CVE-2011-4083

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7