The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement in an archive of debugging information, which might allow remote attackers to obtain sensitive information by reading the archive.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2011-1536.html | Vendor Advisory |
http://rhn.redhat.com/errata/RHSA-2012-0153.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-02-17T16:00:00
Updated: 2014-02-17T15:57:02
Reserved: 2011-10-18T00:00:00
Link: CVE-2011-4083
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-02-17T16:55:07.273
Modified: 2014-02-19T00:40:38.407
Link: CVE-2011-4083
JSON object: View
Redhat Information
No data.
CWE