Описание
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 3.2+git276-g7da50d6-3 |
| esm-infra-legacy/trusty | released | 3.1-1ubuntu2.2 |
| precise | DNE | |
| trusty | released | 3.1-1ubuntu2.2 |
| trusty/esm | released | 3.1-1ubuntu2.2 |
| upstream | released | 3.2+git276-g7da50d6-3 |
| vivid | released | 3.2-2ubuntu0.1 |
| wily | released | 3.2-2ubuntu1.1 |
Показывать по
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date.
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date.
sosreport in SoS 3.x allows local users to obtain sensitive informatio ...
ELSA-2016-0188: sos security and bug fix update (MODERATE)
EPSS
4.6 Medium
CVSS2
7.8 High
CVSS3