CVE-2015-3171: Infoleak
First published: Tue May 05 2015(Updated: )
It was reported that sosreport creates output files with world-readable permissions: -rw-r--r--. 1 root root 7331624 May 4 08:55 sosreport-localhost.localdomain-20150504084328.tar.xz -rw-r--r--. 1 root root 33 May 4 08:55 sosreport-localhost.localdomain-20150504084328.tar.xz.md5 The archive may consists of files originally only accessible by the root user. However, after extracting the archive, all of the files are readable by regular users with access to /var/tmp/. Acknowledgements: Red Hat would like to thank Grant Murphy for reporting this issue.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| pip/sosreport | <3.3 | 3.3 |
| Sos-collector | =3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=1218658
- https://github.com/sosreport/sos/commit/d7759d3ddae5fe99a340c88a1d370d65cfa73fd6
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1218659
- https://fedoraproject.org/
- https://github.com/sosreport/sos/commit/8d2577786cce6fcc915836108e405dbf5025dec8
- https://nvd.nist.gov/vuln/detail/CVE-2015-3171
- https://github.com/sosreport/sos/issues/425
- https://github.com/advisories/GHSA-gw46-8559-cggp (Advisory)
- https://github.com/pypa/advisory-database/tree/main/vulns/sosreport/PYSEC-2017-72.yaml
Frequently Asked Questions
What is the severity of CVE-2015-3171?
CVE-2015-3171 is considered to have a medium severity due to the potential exposure of sensitive information.
How do I fix CVE-2015-3171?
To fix CVE-2015-3171, upgrade to sosreport version 3.3 or later.
What does CVE-2015-3171 affect?
CVE-2015-3171 affects the sosreport tool, specifically versions below 3.3.
What are the potential risks of CVE-2015-3171?
The main risk associated with CVE-2015-3171 is that the output files generated may contain sensitive data that is publicly readable.
Is CVE-2015-3171 exploitable remotely?
CVE-2015-3171 is not typically considered remotely exploitable; it primarily pertains to local file permission issues.
- agent/type
- agent/remedy
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2015-3171
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/event
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-gw46-8559-cggp
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/references
- collector/github-advisory
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- package-manager/pip
- vendor/sos project
- canonical/sos-collector
- version/sos-collector/3.2