Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4083

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-4083
Last Modified 18 Feb 2014 07:40:38
Published 17 Feb 2014 11:55:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-4083

Summary

The sosreport utility in the Red Hat sos package before 1.7-9 and 2.x before 2.2-17 includes (1) Certificate-based Red Hat Network private entitlement keys and the (2) private key for the entitlement in an archive of debugging information, which might allow remote attackers to obtain sensitive information by reading the archive.

Vulnerable Systems

Application

  • Redhat Sos 1.6

  • Redhat Sos 1.7

  • Redhat Sos 1.7-6

  • Redhat Sos 1.7-8

  • Redhat Sos 2.2-10

  • Redhat Sos 2.2-11

  • Redhat Sos 2.2-14

  • Redhat Sos 2.2-15

  • Redhat Sos 2.2-16

  • Redhat Sos 2.2-3

  • Redhat Sos 2.2-6

  • Redhat Sos 2.2-7

  • Redhat Sos 2.2-8

  • Redhat Sos 2.2-9


References

REDHAT - RHSA-2012:0153

REDHAT - RHSA-2011:1536

Related Patches

Red Hat 2012:0153-03 RHSA Low: sos security, bug fix, and enhancement update for RHEL 5 x86

Red Hat 2012:0153-03 RHSA Low: sos security, bug fix, and enhancement update for RHEL 5 x86_64


Last Updated: 27 May 2016 11:04:29