Vulnerability-Lookup

CVE-2014-3925 (GCVE-0-2014-3925)

Vulnerability from cvelistv5 – Published: 2014-06-01 01:00 – Updated: 2024-08-06 10:57

Summary

sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

RHBA-2014:1200

Vulnerability from csaf_redhat - Published: 2014-09-16 00:17 - Updated: 2025-11-21 17:21

Summary

Red Hat Bug Fix Advisory: sos bug fix update

Notes

Topic

The updated sos package that fixes several bugs is now available for Red Hat Enterprise Linux 5.

Details

The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be used for diagnostic purposes and debugging. This update fixes the following bugs: * Previously, the sosreport utility did not include the output of the "brctl show" command for all systems. Consequently, information on bridged network configurations was only available in the report tarball on systems using Xen for virtualization. With this update, the networking module collects the output of "brctl show" as well as "brctl showstp" commands for each configured bridge, and thus bridged network configuration information is now available in the report tarball for all hosts. (BZ#833406) * Previous versions of the sosreport utility used the legacy ifconfig command to detect network interfaces, but ifconfig did not support interfaces named via biosdevname. As a consequence, no information on biosdevname interfaces was present in the report tarball. With this update, the sosreport networking plug-in now uses the "ip" command to detect interfaces of all types, and full information on biosdevname interfaces is now included. (BZ#980177) * Previously, the sosreport utility collected the krb5.keytab file from Kerberos installations. Although encrypted, this file can contain sensitive key material. With this update, sosreport collects a summary of krb5.keytab using the klist command but does not collect the krb5.keytab file itself. As a result, krb5.keytab data is still available but no sensitive information is included in the report tarball. (BZ#1029017) * Previously, the sosreport "ds" plug-in collected all directory server logs by default. Depending on the log configuration, this could lead to very large report sizes. With this update, sosreport collects by default only the current version of the directory server logs regarding to "access", "errors" and "audit", and rotated logs are not collected by default. In addition, the plug-in now supports an "all_logs" option that can be used to request the old behavior. As a result, the default report size for directory server hosts is now smaller and more consistent unless full log data is explicitly requested. (BZ#1086736) * Prior to this update, the sosreport utility could include password material in the grub.conf and fstab files collected by the boot loader and file system plug-ins if present on the collection system. Consequently, passwords, either plain text or hashed, could be included in the report tarball. With this bug fix update, password and other secrets are now removed during collection, and passwords from the fstab or grub.conf files can no longer appear in the report tarball. (BZ#1107751) Users of sos are advised to upgrade to this updated package, which fixes these bugs.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Low"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "The updated sos package that fixes several bugs is now available for Red Hat Enterprise Linux 5.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The sos package contains a set of utilities that gather information from system\nhardware, logs, and configuration files. The information can then be used for\ndiagnostic purposes and debugging.\n\nThis update fixes the following bugs:\n\n* Previously, the sosreport utility did not include the output of the \"brctl\nshow\" command for all systems. Consequently, information on bridged network\nconfigurations was only available in the report tarball on systems using Xen for\nvirtualization. With this update, the networking module collects the output of\n\"brctl show\" as well as \"brctl showstp\" commands for each configured bridge, and\nthus bridged network configuration information is now available in the report\ntarball for all hosts. (BZ#833406) \n\n* Previous versions of the sosreport utility used the legacy ifconfig command to\ndetect network interfaces, but ifconfig did not support interfaces named via\nbiosdevname. As a consequence, no information on biosdevname interfaces was\npresent in the report tarball. With this update, the sosreport networking\nplug-in now uses the \"ip\" command to detect interfaces of all types, and full\ninformation on biosdevname interfaces is now included. (BZ#980177) \n\n* Previously, the sosreport utility collected the krb5.keytab file from Kerberos\ninstallations. Although encrypted, this file can contain sensitive key material.\nWith this update, sosreport collects a summary of krb5.keytab using the klist\ncommand but does not collect the krb5.keytab file itself. As a result,\nkrb5.keytab data is still available but no sensitive information is included in\nthe report tarball. (BZ#1029017)\n\n* Previously, the sosreport \"ds\" plug-in collected all directory server logs by\ndefault. Depending on the log configuration, this could lead to very large\nreport sizes. With this update, sosreport collects by default only the current\nversion of the directory server logs regarding to \"access\", \"errors\" and\n\"audit\", and rotated logs are not collected by default. In addition, the plug-in\nnow supports an \"all_logs\" option that can be used to request the old behavior.\nAs a result, the default report size for directory server hosts is now smaller\nand more consistent unless full log data is explicitly requested. (BZ#1086736)\n\n* Prior to this update, the sosreport utility could include password material in\nthe grub.conf and fstab files collected by the boot loader and file system\nplug-ins if present on the collection system. Consequently, passwords, either\nplain text or hashed, could be included in the report tarball. With this bug fix\nupdate, password and other secrets are now removed during collection, and\npasswords from the fstab or grub.conf files can no longer appear in the report\ntarball. (BZ#1107751) \n\nUsers of sos are advised to upgrade to this updated package, which fixes these\nbugs.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHBA-2014:1200",
        "url": "https://access.redhat.com/errata/RHBA-2014:1200"
      },
      {
        "category": "external",
        "summary": "773350",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=773350"
      },
      {
        "category": "external",
        "summary": "782588",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=782588"
      },
      {
        "category": "external",
        "summary": "783423",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=783423"
      },
      {
        "category": "external",
        "summary": "833406",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=833406"
      },
      {
        "category": "external",
        "summary": "916937",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=916937"
      },
      {
        "category": "external",
        "summary": "1099151",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1099151"
      },
      {
        "category": "external",
        "summary": "1099520",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1099520"
      },
      {
        "category": "external",
        "summary": "1107751",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1107751"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhba-2014_1200.json"
      }
    ],
    "title": "Red Hat Bug Fix Advisory: sos bug fix update",
    "tracking": {
      "current_release_date": "2025-11-21T17:21:00+00:00",
      "generator": {
        "date": "2025-11-21T17:21:00+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.12"
        }
      },
      "id": "RHBA-2014:1200",
      "initial_release_date": "2014-09-16T00:17:05+00:00",
      "revision_history": [
        {
          "date": "2014-09-16T00:17:05+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2014-09-16T00:17:05+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-11-21T17:21:00+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "sos-0:1.7-9.73.el5.src",
                "product": {
                  "name": "sos-0:1.7-9.73.el5.src",
                  "product_id": "sos-0:1.7-9.73.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sos@1.7-9.73.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "sos-0:1.7-9.73.el5.noarch",
                "product": {
                  "name": "sos-0:1.7-9.73.el5.noarch",
                  "product_id": "sos-0:1.7-9.73.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sos@1.7-9.73.el5?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sos-0:1.7-9.73.el5.noarch as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:sos-0:1.7-9.73.el5.noarch"
        },
        "product_reference": "sos-0:1.7-9.73.el5.noarch",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sos-0:1.7-9.73.el5.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client:sos-0:1.7-9.73.el5.src"
        },
        "product_reference": "sos-0:1.7-9.73.el5.src",
        "relates_to_product_reference": "5Client"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sos-0:1.7-9.73.el5.noarch as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:sos-0:1.7-9.73.el5.noarch"
        },
        "product_reference": "sos-0:1.7-9.73.el5.noarch",
        "relates_to_product_reference": "5Server"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sos-0:1.7-9.73.el5.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server:sos-0:1.7-9.73.el5.src"
        },
        "product_reference": "sos-0:1.7-9.73.el5.src",
        "relates_to_product_reference": "5Server"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-3925",
      "discovery_date": "2014-05-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1103324"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "sos: does not indicate data sent is potentially sensitive on Red Hat Enterprise Linux 5",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue did not affect the versions of sosreport as shipped with Red Hat Enterprise Linux 6.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client:sos-0:1.7-9.73.el5.noarch",
          "5Client:sos-0:1.7-9.73.el5.src",
          "5Server:sos-0:1.7-9.73.el5.noarch",
          "5Server:sos-0:1.7-9.73.el5.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2014-3925"
        },
        {
          "category": "external",
          "summary": "RHBZ#1103324",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1103324"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2014-3925",
          "url": "https://www.cve.org/CVERecord?id=CVE-2014-3925"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-3925",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3925"
        }
      ],
      "release_date": "2014-05-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2014-09-16T00:17:05+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "5Client:sos-0:1.7-9.73.el5.noarch",
            "5Client:sos-0:1.7-9.73.el5.src",
            "5Server:sos-0:1.7-9.73.el5.noarch",
            "5Server:sos-0:1.7-9.73.el5.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2014:1200"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "5Client:sos-0:1.7-9.73.el5.noarch",
            "5Client:sos-0:1.7-9.73.el5.src",
            "5Server:sos-0:1.7-9.73.el5.noarch",
            "5Server:sos-0:1.7-9.73.el5.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "sos: does not indicate data sent is potentially sensitive on Red Hat Enterprise Linux 5"
    }
  ]
}

GHSA-37Q9-FF6C-VJM6

Vulnerability from github – Published: 2022-05-17 03:57 – Updated: 2022-05-17 03:57

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-3925"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-06-01T04:29:00Z",
    "severity": "MODERATE"
  },
  "details": "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.",
  "id": "GHSA-37q9-ff6c-vjm6",
  "modified": "2022-05-17T03:57:26Z",
  "published": "2022-05-17T03:57:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3925"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2014/05/29/6"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2014/05/30/3"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-2845-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2014-3925

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-3925

Aliases

CVE-2014-3925

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-3925",
    "description": "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.",
    "id": "GSD-2014-3925",
    "references": [
      "https://access.redhat.com/errata/RHBA-2014:1200",
      "https://ubuntu.com/security/CVE-2014-3925"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-3925"
      ],
      "details": "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.",
      "id": "GSD-2014-3925",
      "modified": "2023-12-13T01:22:53.486287Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2014-3925",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://openwall.com/lists/oss-security/2014/05/29/6",
            "refsource": "MISC",
            "url": "http://openwall.com/lists/oss-security/2014/05/29/6"
          },
          {
            "name": "http://openwall.com/lists/oss-security/2014/05/30/3",
            "refsource": "MISC",
            "url": "http://openwall.com/lists/oss-security/2014/05/30/3"
          },
          {
            "name": "http://www.ubuntu.com/usn/USN-2845-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/USN-2845-1"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:sos:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.7",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2014-3925"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-255"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633"
            },
            {
              "name": "[oss-security] 20140530 Re: CVE request: sos: /etc/fstab collected by sosreport, possibly containing passwords",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://openwall.com/lists/oss-security/2014/05/30/3"
            },
            {
              "name": "[oss-security] 20140529 CVE request: sos: /etc/fstab collected by sosreport, possibly containing passwords",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://openwall.com/lists/oss-security/2014/05/29/6"
            },
            {
              "name": "USN-2845-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-2845-1"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2016-04-06T12:53Z",
      "publishedDate": "2014-06-01T04:29Z"
    }
  }
}

FKIE_CVE-2014-3925

Vulnerability from fkie_nvd - Published: 2014-06-01 04:29 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://openwall.com/lists/oss-security/2014/05/29/6
secalert@redhat.com	http://openwall.com/lists/oss-security/2014/05/30/3
secalert@redhat.com	http://www.ubuntu.com/usn/USN-2845-1
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1102633	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2014/05/29/6
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2014/05/30/3
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2845-1
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1102633	Vendor Advisory

Impacted products

Vendor	Product	Version
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	15.04
canonical	ubuntu_linux	15.10
redhat	sos	*
redhat	enterprise_linux	5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:sos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E587F4B7-54A2-4693-B063-E950E728DEB2",
              "versionEndIncluding": "1.7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream."
    },
    {
      "lang": "es",
      "value": "sosreport en Red Hat sos 1.7 y versiones anteriores en Red Hat Enterprise Linux (RHEL) 5 produce un archivo con un fichero fstab conteniendo potencialmente contrase\u00f1as en texto plano, y carece de una advertencia sobre la revisi\u00f3n de este fichero para detectar las contrase\u00f1as incluidas, lo que podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n sensible aprovechando el acceso al flujo de datos de soporte t\u00e9cnico."
    }
  ],
  "id": "CVE-2014-3925",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-06-01T04:29:34.923",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://openwall.com/lists/oss-security/2014/05/29/6"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://openwall.com/lists/oss-security/2014/05/30/3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-2845-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2014/05/29/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2014/05/30/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2845-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102633"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-3925 (GCVE-0-2014-3925)

RHBA-2014:1200

GHSA-37Q9-FF6C-VJM6

GSD-2014-3925

FKIE_CVE-2014-3925

Tags

Sightings

Nomenclature