RSS   Vulnerabilities for 'Libstorage-ng'   RSS

2016-09-26
 
CVE-2016-5746

CWE-Other
 

 
libstorage, libstorage-ng, and yast-storage improperly store passphrases for encrypted storage devices in a temporary file on disk, which might allow local users to obtain sensitive information by reading the file, as demonstrated by /tmp/libstorage-XXXXXX/pwdf.

 

 >>> Vendor: Opensuse 24 Products
Opensuse
Zypper
Libxcrypt
OSC
SRVX
Evergreen
Libstorage
Libstorage-ng
Suse linux enterprise desktop
Suse linux enterprise server
Suse linux enterprise software development kit
Linux enterprise desktop
Linux enterprise workstation extension
Nonfree
LEAP
Libzypp
Cryptctl
Open build service
Sysconfig
Libsolv
Opensuse leap
Yast2-samba-provision
Yast2-printer
Backports


Copyright 2019, cxsecurity.com

 

Back to Top