ID CVE-2012-2664
Summary The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file (/root/anaconda-ks.cfg) when creating an archive of debugging information, which might allow attackers to obtain passwords or password hashes.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:sos:2.2-18:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 29-08-2017 - 01:31)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
  Vector NETWORK
  Complexity MEDIUM
  Authentication NONE
Impact
  Confidentiality PARTIAL
  Integrity NONE
  Availability NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:N
redhat via4
advisories
  • bugzilla
    id 826884
    title CVE-2012-2664 sosreport does not blank root password in anaconda plugin
    oval
    AND
    • comment sos is earlier than 0:2.2-29.el6
      oval oval:com.redhat.rhsa:tst:20120958005
    • comment sos is signed with Red Hat redhatrelease2 key
      oval oval:com.redhat.rhsa:tst:20111536006
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    rhsa
    id RHSA-2012:0958
    released 2012-06-20
    severity Low
    title RHSA-2012:0958: sos security, bug fix, and enhancement update (Low)
  • bugzilla
    id 965807
    title sosreport does not blankout password in anaconda-ks.cfg and yum.repo
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • comment sos is earlier than 0:1.7-9.62.el5_9.1
      oval oval:com.redhat.rhsa:tst:20131121002
    • comment sos is signed with Red Hat redhatrelease key
      oval oval:com.redhat.rhba:tst:20141200003
    rhsa
    id RHSA-2013:1121
    released 2013-07-30
    severity Low
    title RHSA-2013:1121: sos security update (Low)
rpms
  • sos-0:2.2-29.el6
  • sos-0:1.7-9.62.el5_9.1
refmap via4
bid 54116
confirm http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
xf sos-anaconda-info-disclosure(76468)
Last major update 29-08-2017 - 01:31
Published 29-06-2012 - 19:55