vulnerability
ELSA-2016-0152 Moderate: Oracle Linux sos security and bug fix update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Feb 9, 2016 | Feb 12, 2016 | Aug 6, 2024 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Feb 9, 2016
Added
Feb 12, 2016
Modified
Aug 6, 2024
Description
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date.
Solutions
linuxrpm-upgrade-ols6-x86-soslinuxrpm-upgrade-ols6-x86_64-sos
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.