SecuritySpace - CVE-2011-3589

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2011-3589

Description: The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, uses world-readable permissions for vmcore files, which allows local users to obtain sensitive information by inspecting the file content, as demonstrated by a search for a root SSH key.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-3589
RHSA-2011:1532
http://rhn.redhat.com/errata/RHSA-2011-1532.html
RHSA-2012:0152
http://rhn.redhat.com/errata/RHSA-2012-0152.html
https://bugzilla.redhat.com/show_bug.cgi?id=716439
https://bugzilla.redhat.com/show_bug.cgi?id=716439

CVE ID:	CVE-2011-3589
Description:	The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, uses world-readable permissions for vmcore files, which allows local users to obtain sensitive information by inspecting the file content, as demonstrated by a search for a root SSH key.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2011-3589 RHSA-2011:1532 http://rhn.redhat.com/errata/RHSA-2011-1532.html RHSA-2012:0152 http://rhn.redhat.com/errata/RHSA-2012-0152.html https://bugzilla.redhat.com/show_bug.cgi?id=716439 https://bugzilla.redhat.com/show_bug.cgi?id=716439