Published: 29/06/2012 Updated: 29/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

The sosreport utility in the Red Hat sos package prior to 2.2-29 does not remove the root user password information from the Kickstart configuration file (/root/anaconda-ks.cfg) when creating an archive of debugging information, which might allow malicious users to obtain passwords or password hashes.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat sos

Synopsis Low: sos security, bug fix, and enhancement update Type/Severity Security Advisory: Low Topic An updated sos package that fixes one security issue, several bugs, andadds various enhancements is now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as ...

CWE-255 http://rhn.redhat.com/errata/RHSA-2012-0958.html http://www.securityfocus.com/bid/54116 http://rhn.redhat.com/errata/RHSA-2013-1121.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html https://exchange.xforce.ibmcloud.com/vulnerabilities/76468 https://access.redhat.com/errata/RHSA-2012:0958 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2664

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect