ID CVE-2011-4083
Summary The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement in an archive of debugging information, which might allow remote attackers to obtain sensitive information by reading the archive.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:sos:2.2-3:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:2.2-3:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:2.2-6:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:2.2-6:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:2.2-7:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:2.2-7:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:2.2-8:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:2.2-8:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:2.2-9:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:2.2-9:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:2.2-10:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:2.2-10:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:2.2-11:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:2.2-11:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:2.2-14:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:2.2-14:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:2.2-15:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:2.2-15:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:2.2-16:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:2.2-16:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:*:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:*:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:sos:1.7-8:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:sos:1.7-8:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 19-02-2014 - 00:40)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:N
redhat via4
advisories
  • bugzilla
    id 749383
    title CVE-2011-4083 sos: sosreport is gathering certificate-based RHN entitlement private keys
    oval
    AND
    • comment sos is earlier than 0:2.2-17.el6
      oval oval:com.redhat.rhsa:tst:20111536005
    • comment sos is signed with Red Hat redhatrelease2 key
      oval oval:com.redhat.rhsa:tst:20111536006
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    rhsa
    id RHSA-2011:1536
    released 2011-12-06
    severity Low
    title RHSA-2011:1536: sos security, bug fix, and enhancement update (Low)
  • bugzilla
    id 750573
    title sosreport cluster modules fail with badly formed cluster.conf
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • comment sos is earlier than 0:1.7-9.62.el5
      oval oval:com.redhat.rhsa:tst:20120153002
    • comment sos is signed with Red Hat redhatrelease key
      oval oval:com.redhat.rhba:tst:20141200003
    rhsa
    id RHSA-2012:0153
    released 2012-02-21
    severity Low
    title RHSA-2012:0153: sos security, bug fix, and enhancement update (Low)
rpms
  • sos-0:2.2-17.el6
  • sos-0:1.7-9.62.el5
refmap via4
Last major update 19-02-2014 - 00:40
Published 17-02-2014 - 16:55
Back to Top