RSS   Vulnerabilities for 'Dracut'   RSS

2012-10-09
 
CVE-2012-4453

CWE-264
 

 
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.

 
2010-12-07
 
CVE-2010-4176

CWE-264
 

 
plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions for the /dev/systty device file, which allows remote authenticated users to read terminal data from tty0 for local users.

 

 >>> Vendor: Fedoraproject 20 Products
Fedora core
Networkmanager
Coolkey
Fedora
Commons
SSSD
Dracut
389 directory server
Libnm-util
Anaconda
Crypto-utils
Arm installer
Fedmsg
389 administration server
Python-fedora
Spin-kickstarts
Sectool
Selinux-policy
Fedora extra packages for enterprise linux
Extra packages for enterprise linux


Copyright 2024, cxsecurity.com

 

Back to Top