Vulnerabilities > CVE-2014-3925 - Credentials Management vulnerability in multiple products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

canonical

redhat

CWE-255

nessus

NVD

Published: 2014-06-01

Updated: 2016-04-06

Summary

sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.

Vulnerable Configurations

Part	Description	Count
OS	Canonical Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 15.04 Canonical Ubuntu Linux 15.10	3
OS	Redhat Redhat Enterprise Linux 5	1
Application	Redhat Redhat SOS *	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Nessus

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-2845-1.NASL
description	Dolev Farhi discovered an information disclosure issue in SoS. If the /etc/fstab file contained passwords, the passwords were included in the SoS report. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-3925) Mateusz Guzik discovered that SoS incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files or gain access to temporary file contents containing sensitive system information. (CVE-2015-7529). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	87499
published	2015-12-18
reporter	Ubuntu Security Notice (C) 2015-2019 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/87499
title	Ubuntu 14.04 LTS / 15.04 / 15.10 : sosreport vulnerabilities (USN-2845-1)

Redhat

advisories

bugzilla

id	1107751
title	backport fstab and grub.conf password stripping from upstream

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005
comment sos is earlier than 0:1.7-9.73.el5
oval oval:com.redhat.rhba:tst:20141200001
comment sos is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20141200002

rhsa

id	RHBA-2014:1200
released	2014-09-16
severity	None
title	RHBA-2014:1200: sos bug fix update (None)

rpms

sos-0:1.7-9.73.el5

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

Redhat

References