Описание
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.
It was discovered that the xfs_metadump tool of the xfsprogs suite did not fully adhere to the standards of obfuscation described in its man page. In case a user with the necessary privileges used xfs_metadump and relied on the advertised obfuscation, the generated data could contain unexpected traces of potentially sensitive information.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | xfsprogs | Will not fix | ||
| Red Hat Enterprise Linux 6 | xfsprogs | Will not fix | ||
| Red Hat Enterprise Linux 7 | xfsprogs | Fixed | RHSA-2015:2151 | 19.11.2015 |
Показывать по
Дополнительная информация
Статус:
1.2 Low
CVSS2
Связанные уязвимости
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file data, which allows remote attackers to obtain sensitive information by reading a generated image.
xfs_metadump in xfsprogs before 3.2.4 does not properly obfuscate file ...
1.2 Low
CVSS2