PT-2012-1092 · Sos+2 · Sos+2

Published

2012-06-19

·

Updated

2017-08-29

·

CVE-2012-2664

CVSS v2.0

4.3

Medium

VectorAV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions sos package versions prior to 2.2-29
Description The issue concerns the sosreport utility in the sos package, which does not properly remove the root user password information from the Kickstart configuration file (/root/anaconda-ks.cfg) when creating an archive of debugging information. This could allow attackers to obtain passwords or password hashes. The exploitation of this issue can be done remotely.
Recommendations For versions prior to 2.2-29, update the sos package to version 2.2-29 or later to resolve the issue. As a temporary workaround, consider manually removing the root user password information from the Kickstart configuration file (/root/anaconda-ks.cfg) before creating an archive of debugging information.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

BDU:2015-07116
BDU:2015-08840
CESA-2012_0958
CVE-2012-2664
RHSA-2012:0958
RHSA-2012_0958
RHSA-2013:1121
RHSA-2013_1121

Affected Products

Centos
Red Hat
Sos