RSS   Vulnerabilities for 'Dracut'   RSS

2012-10-09
 
CVE-2012-4453

CWE-264
 

 
dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.

 
2010-12-07
 
CVE-2010-4176

CWE-264
 

 
plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions for the /dev/systty device file, which allows remote authenticated users to read terminal data from tty0 for local users.

 

 >>> Vendor: Fedoraproject 16 Products
Fedora core
Coolkey
Commons
Fedora
SSSD
Dracut
389 directory server
Libnm-util
Networkmanager
Anaconda
Crypto-utils
Arm installer
Fedmsg
389 administration server
Python-fedora
Spin-kickstarts


Copyright 2019, cxsecurity.com

 

Back to Top