Lucene search
PRIOn knowledge basePRION:CVE-2011-3588HistoryFeb 15, 2014 - 2:57 p.m.
Code injection
2014-02-1514:57:00
PRIOn knowledge base
www.prio-n.com
2
The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle attackers to spoof kdump servers, and obtain sensitive core information, by using an arbitrary SSH key.
| CPE | Name | Operator | Version |
|---|---|---|---|
| kexec-tools | eq | <= 2.0.0-188 | |
| kexec-tools | eq | <= 1.102pre-126 |
Related
veracode
veracode
Information Disclosure
2020-04-10 01:09:02
debiancve
debiancve
CVE-2011-3588
2014-02-15 14:57:07
cve
cve
CVE-2011-3588
2014-02-15 14:57:07
CVE-2011-4190
2018-06-08 17:29:00
ubuntucve
ubuntucve
CVE-2011-3588
2014-02-15 00:00:00
cvelist
cvelist
CVE-2011-3588
2014-02-15 11:00:00
CVE-2011-4190 Missing verification of host key for kdump server
2011-12-13 00:00:00
nvd
nvd
CVE-2011-3588
2014-02-15 14:57:07
CVE-2011-4190
2018-06-08 17:29:00
seebug
seebug
Linux系统kdump和mkdumprd工具信息泄露漏洞
2011-12-08 00:00:00
prion
prion
Design/Logic Flaw
2018-06-08 17:29:00
nessus
nessus
RHEL 5 : kexec-tools (RHSA-2012:0152)
2012-02-21 00:00:00
Oracle Linux 6 : kexec-tools (ELSA-2011-1532)
2023-09-07 00:00:00
openvas
openvas
RedHat Update for kexec-tools RHSA-2012:0152-03
2012-02-21 00:00:00
Oracle: Security Advisory (ELSA-2011-1532)
2015-10-06 00:00:00
Oracle: Security Advisory (ELSA-2012-0152)
2015-10-06 00:00:00
oraclelinux
oraclelinux
kexec-tools security, bug fix, and enhancement update
2012-03-01 00:00:00
kexec-tools security, bug fix, and enhancement update
2011-12-14 00:00:00
redhat
redhat