Date: Thu, 29 May 2014 21:03:35 +1000
From: Murray McAllister <>
Subject: CVE request: sos: /etc/fstab collected by sosreport, possibly containing

Good morning,

 From <>:

It was reported that sosreport collected and stored "/etc/fstab" in the 
resulting archive of debugging information. This may contain plain text 
passwords (or a link to the file containing them), for example, 
credentials for Samba mounts. This could leak passwords to an attacker 
who is able to access the archive. Sensitive information in "/etc/fstab" 
should be sanitized before being stored by sosreport.

Note that "/etc/fstab" is world-readable, so local attackers should not 
be a concern (they can read the file anyway). This could be an issue 
when the sosreport is sent to other parties.


Red Hat would like to thank Dolev Farhi of F5 Networks for reporting 
this issue.

I think it should have a CVE, but I am less sure due to "/etc/fstab" 
being world-readable, so I have not assigned one.


Murray McAllister / Red Hat Security Response Team
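
One way to sanitize "/etc/fstab" before it is stored, as the report recommends. This is an added example, not part of the original message and not sos code. It assumes the mount.cifs option spellings `password`/`pass` and `credentials`/`cred`; the function names are hypothetical and the sample fstab is constructed.

```python
import re

SECRET_OPTS = {"password", "pass"}        # value is the secret itself
CRED_FILE_OPTS = {"credentials", "cred"}  # value is a path to a secrets file
MASK = "********"


def scrub_token(token, cred_files):
    """Mask secret option values inside one whitespace-delimited token."""
    opts = []
    for opt in token.split(","):
        name, sep, value = opt.partition("=")
        key = name.lstrip("#").lower()  # also catch commented-out entries
        if sep and key in SECRET_OPTS:
            opt = name + "=" + MASK
        elif sep and key in CRED_FILE_OPTS and value:
            cred_files.append(value)
        opts.append(opt)
    return ",".join(opts)


def scrub_fstab(text):
    """Return (scrubbed_text, credential_file_paths) for fstab content."""
    cred_files = []
    # Split on whitespace but keep the separators so the layout survives.
    parts = re.split(r"(\s+)", text)
    scrubbed = "".join(
        p if not p or p.isspace() else scrub_token(p, cred_files) for p in parts
    )
    return scrubbed, cred_files


# Constructed sample, not taken from a real host.
SAMPLE = (
    "# constructed sample fstab\n"
    "UUID=0a1b /      ext4 defaults 0 1\n"
    "//fs01/data /mnt/data cifs username=svc,password=Example123,uid=1000 0 0\n"
    "//fs01/hr\t/mnt/hr\tcifs\tcredentials=/etc/samba/hr.cred,ro\t0 0\n"
    "#//old/share /mnt/old cifs user=bob,pass=OldExample 0 0\n"
)

if __name__ == "__main__":
    clean, excluded = scrub_fstab(SAMPLE)
    print(clean, end="")
    print("do not collect:", excluded)
```

Every token is scrubbed, not only the fourth field, so a secret on a commented-out or malformed line is masked as well. The returned paths are the credential files a collector should leave out of the archive.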
