CVE-2012-2664 - Credentials Management vulnerability in Redhat SOS 2.218
Attack vector: UNKNOWN
Attack complexity: UNKNOWN
Privileges required: UNKNOWN
Confidentiality impact: UNKNOWN
Integrity impact: UNKNOWN
Availability impact: UNKNOWN
Summary
The sosreport utility in the Red Hat sos package before 2.2-29 does not remove the root user password information from the Kickstart configuration file (/root/anaconda-ks.cfg) when creating an archive of debugging information, which might allow attackers to obtain passwords or password hashes.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Common Weakness Enumeration (CWE)
Nessus
- NASL family: Oracle Linux Local Security Checks
  NASL id: ORACLELINUX_ELSA-2012-0958.NASL
  description: From Red Hat Security Advisory 2012:0958 : An updated sos package that fixes one security issue, several bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file (
  last seen: 2020-06-01
  modified: 2020-06-02
  plugin id: 68562
  published: 2013-07-12
  reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/68562
  title: Oracle Linux 6 : sos (ELSA-2012-0958)

- NASL family: Scientific Linux Local Security Checks
  NASL id: SL_20120620_SOS_ON_SL6.NASL
  description: The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file (
  last seen: 2020-03-18
  modified: 2012-08-01
  plugin id: 61350
  published: 2012-08-01
  reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/61350
  title: Scientific Linux Security Update : sos on SL6.x (20120620)

- NASL family: Red Hat Local Security Checks
  NASL id: REDHAT-RHSA-2012-0958.NASL
  description: An updated sos package that fixes one security issue, several bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file (
  last seen: 2020-06-01
  modified: 2020-06-02
  plugin id: 59598
  published: 2012-06-20
  reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/59598
  title: RHEL 6 : sos (RHSA-2012:0958)

- NASL family: Oracle Linux Local Security Checks
  NASL id: ORACLELINUX_ELSA-2013-1121.NASL
  description: From Red Hat Security Advisory 2013:1121 : An updated sos package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file (
  last seen: 2020-06-01
  modified: 2020-06-02
  plugin id: 69159
  published: 2013-07-31
  reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/69159
  title: Oracle Linux 5 : sos (ELSA-2013-1121)

- NASL family: Scientific Linux Local Security Checks
  NASL id: SL_20130730_SOS_ON_SL5_X.NASL
  description: The sosreport utility collected the Kickstart configuration file (
  last seen: 2020-03-18
  modified: 2013-07-31
  plugin id: 69167
  published: 2013-07-31
  reporter: This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/69167
  title: Scientific Linux Security Update : sos on SL5.x (noarch) (20130730)

- NASL family: CentOS Local Security Checks
  NASL id: CENTOS_RHSA-2012-0958.NASL
  description: An updated sos package that fixes one security issue, several bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file (
  last seen: 2020-06-01
  modified: 2020-06-02
  plugin id: 59933
  published: 2012-07-11
  reporter: This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/59933
  title: CentOS 6 : sos (CESA-2012:0958)

- NASL family: CentOS Local Security Checks
  NASL id: CENTOS_RHSA-2013-1121.NASL
  description: An updated sos package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file (
  last seen: 2020-06-01
  modified: 2020-06-02
  plugin id: 69144
  published: 2013-07-31
  reporter: This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/69144
  title: CentOS 5 : sos (CESA-2013:1121)

- NASL family: Red Hat Local Security Checks
  NASL id: REDHAT-RHSA-2013-1121.NASL
  description: An updated sos package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file (
  last seen: 2020-06-01
  modified: 2020-06-02
  plugin id: 69162
  published: 2013-07-31
  reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
  source: https://www.tenable.com/plugins/nessus/69162
  title: RHEL 5 : sos (RHSA-2013:1121)
References
- http://rhn.redhat.com/errata/RHSA-2012-0958.html
- http://rhn.redhat.com/errata/RHSA-2013-1121.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.securityfocus.com/bid/54116
- https://exchange.xforce.ibmcloud.com/vulnerabilities/76468