Lucene search
PRIOn knowledge basePRION:CVE-2011-3589HistoryFeb 15, 2014 - 2:57 p.m.
Code injection
2014-02-1514:57:00
PRIOn knowledge base
www.prio-n.com
1
The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, uses world-readable permissions for vmcore files, which allows local users to obtain sensitive information by inspecting the file content, as demonstrated by a search for a root SSH key.
| CPE | Name | Operator | Version |
|---|---|---|---|
| kexec-tools | eq | <= 2.0.0-188 | |
| kexec-tools | eq | <= 1.102pre-126 |
Related
veracode
veracode
Information Disclosure
2020-04-10 01:09:03
cve
cve
CVE-2011-3589
2014-02-15 14:57:07
cvelist
cvelist
CVE-2011-3589
2014-02-15 11:00:00
seebug
seebug
Linux系统kexec-tools mkdumprd工具信息泄露漏洞
2011-12-08 00:00:00
debiancve
debiancve
CVE-2011-3589
2014-02-15 14:57:07
nvd
nvd
CVE-2011-3589
2014-02-15 14:57:07
ubuntucve
ubuntucve
CVE-2011-3589
2014-02-15 00:00:00
nessus
nessus
RHEL 5 : kexec-tools (RHSA-2012:0152)
2012-02-21 00:00:00
RHEL 6 : kexec-tools (RHSA-2011:1532)
2011-12-06 00:00:00
Oracle Linux 6 : kexec-tools (ELSA-2011-1532)
2023-09-07 00:00:00
openvas
openvas
RedHat Update for kexec-tools RHSA-2012:0152-03
2012-02-21 00:00:00
Oracle: Security Advisory (ELSA-2011-1532)
2015-10-06 00:00:00
RedHat Update for kexec-tools RHSA-2011:1532-03
2012-07-09 00:00:00
oraclelinux
oraclelinux
kexec-tools security, bug fix, and enhancement update
2011-12-14 00:00:00
kexec-tools security, bug fix, and enhancement update
2012-03-01 00:00:00
redhat
redhat