Test ID:	1.3.6.1.4.1.25623.1.0.123890
Category:	Oracle Linux Local Security Checks
Title:	Oracle: Security Advisory (ELSA-2012-0958)
Summary:	The remote host is missing an update for the 'sos' package(s) announced via the ELSA-2012-0958 advisory.
Description:	Summary: The remote host is missing an update for the 'sos' package(s) announced via the ELSA-2012-0958 advisory. Vulnerability Insight: [2.2-29.0.1.el6] - Direct traceroute to linux.oracle.com (John Haxby) [orabug 11713272] - Disable --upload option as it will not work with Oracle support - Check oraclelinux-release instead of redhat-release to get OS version (John Haxby) [bug 11681869] - Remove RH ftp URL and support email - add sos-oracle-enterprise.patch [2.2-29.el6] - Collect the swift configuration directory in gluster module Resolves: bz822442 - Update IPA module and related plug-ins Resolves: bz812395 [2.2-28.el6] - Collect mcelog files in the hardware module Resolves: bz810702 [2.2-27.el6] - Add nfs statedump collection to gluster module Resolves: bz752549 [2.2-26.el6] - Use wildcard to match possible libvirt log paths Resolves: bz814474 [2.2-25.el6] - Add forbidden paths for new location of gluster private keys Resolves: bz752549 [2.2-24.el6] - Fix katello and aeolus command string syntax Resolves: bz752666 - Remove stray hunk from gluster module patch Resolves: bz784061 [2.2-22.el6] - Correct aeolus debug invocation in CloudForms module Resolves: bz752666 - Update gluster module for gluster-3.3 Resolves: bz784061 - Add additional command output to gluster module Resolves: bz768641 - Add support for collecting gluster configuration and logs Resolves: bz752549 [2.2-19.el6] - Collect additional diagnostic information for realtime systems Resolves: bz789096 - Improve sanitization of RHN user and case number in report name Resolves: bz771393 - Fix verbose output and debug logging Resolves: bz782339 - Add basic support for CloudForms data collection Resolves: bz752666 - Add support for Subscription Asset Manager diagnostics Resolves: bz752670 [2.2-18.el6] - Collect fence_virt.conf in cluster module Resolves: bz760995 - Fix collection of /proc/net directory tree Resolves: bz730641 - Gather output of cpufreq-info when present Resolves: bz760424 - Fix brctl showstp output when bridges contain multiple interfaces Resolves: bz751273 - Add /etc/modprobe.d to kernel module Resolves: bz749919 - Ensure relative symlink targets are correctly handled when copying Resolves: bz782589 - Fix satellite and proxy package detection in rhn plugin Resolves: bz749262 - Collect stderr output from external commands Resolves: bz739080 - Collect /proc/cgroups in the cgroups module Resolve: bz784874 - Collect /proc/irq in the kernel module Resolves: bz784862 - Fix installed-rpms formatting for long package names Resolves: bz767827 - Add symbolic links for truncated log files Resolves: bz766583 - Collect non-standard syslog and rsyslog log files Resolves: bz771501 - Use correct paths for tomcat6 in RHN module Resolves: bz749279 - Obscure root password if present in anacond-ks.cfg Resolves: bz790402 - Do not accept embedded forward slashes in RHN usernames Resolves: bz771393 - Add new sunrpc module to collect rpcinfo for gluster systems Resolves: bz784061 Affected Software/OS: 'sos' package(s) on Oracle Linux 6. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-2664 54116 http://www.securityfocus.com/bid/54116 RHSA-2012:0958 http://rhn.redhat.com/errata/RHSA-2012-0958.html RHSA-2013:1121 http://rhn.redhat.com/errata/RHSA-2013-1121.html http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html sos-anaconda-info-disclosure(76468) https://exchange.xforce.ibmcloud.com/vulnerabilities/76468
Copyright	Copyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.