CVE-2015-3171

Опубликовано: 25 июл. 2017

Источник: debian

EPSS Низкий

Описание

sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
sosreport	fixed	3.2-2		package

Примечания

https://github.com/sosreport/sos/commit/d7759d3ddae5fe99a340c88a1d370d65cfa73fd6
https://github.com/sosreport/sos/issues/425

EPSS

Процентиль: 12%

0.00039

Низкий

Связанные уязвимости

CVE-2015-3171

CVSS3: 5.5

ubuntu

больше 8 лет назад

sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive.

CVE-2015-3171

redhat

почти 11 лет назад

sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive.

CVE-2015-3171

CVSS3: 5.5

nvd

больше 8 лет назад

sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive.

GHSA-gw46-8559-cggp

CVSS3: 5.5

github

больше 3 лет назад

sosreport sensitive information disclosure via weak permissions of the generated archives

EPSS

Процентиль: 12%

0.00039

Низкий