← volver
CVE-2014-4659

CVE-2014-4659

EPSS 0.4%
Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.mdhttps://www.securityfocus.com/bid/68234