Vulnerabilities > CVE-2014-0246 - Credentials Management vulnerability in Sosreport Project Sosreport
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
SOSreport stores the md5 hash of the GRUB bootloader password in an archive, which allows local users to obtain sensitive information by reading the archive.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2014-7479.NASL description Updated sos packages that fix a number of bugs and add several enhancements are now available. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-06-27 plugin id 76265 published 2014-06-27 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/76265 title Fedora 20 : sos-3.1-1.fc20 (2014-7479) NASL family Fedora Local Security Checks NASL id FEDORA_2014-7490.NASL description Updated sos packages that fix a number of bugs and add several enhancements are now available. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-06-27 plugin id 76266 published 2014-06-27 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/76266 title Fedora 19 : sos-3.1-1.fc19 (2014-7490)