CVE-2015-3171

Опубликовано: 25 июл. 2017

Источник: ubuntu

Приоритет: medium

CVSS2: 2.1

CVSS3: 5.5

Описание

sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive.

Релиз	Статус	Примечание
devel	not-affected
esm-infra-legacy/trusty	not-affected	3.1-1ubuntu2.1
precise	DNE
trusty	not-affected	3.1-1ubuntu2.1
trusty/esm	not-affected	3.1-1ubuntu2.1
upstream	released	3.2-2
utopic	not-affected	3.1-1ubuntu3
vivid	not-affected	3.2-2

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2015-3171

2.1 Low

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2015-3171

redhat

почти 11 лет назад

sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive.

CVE-2015-3171

CVSS3: 5.5

nvd

больше 8 лет назад

sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive.

CVE-2015-3171

CVSS3: 5.5

debian

больше 8 лет назад

sosreport 3.2 uses weak permissions for generated sosreport archives, ...

GHSA-gw46-8559-cggp

CVSS3: 5.5

github

больше 3 лет назад

sosreport sensitive information disclosure via weak permissions of the generated archives

2.1 Low

CVSS2

5.5 Medium

CVSS3

CVE-2015-3171

Описание

Пакет sosreport

Ссылки на источники

Связанные уязвимости