Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 19 Jul 2014 19:09:06 +0300
From: "Dolev Farhi" <>
Subject: Re: CVE's for intersection vulnerabilities

On Sat, 19 Jul 2014 14:32:50 +0300, intrigeri <> wrote:

> Hi,
> Kurt Seifried wrote (19 Jul 2014 00:33:38 GMT) :
>> So long story short: we have a program called sosreport that is used
>> to send system information back to Red Hat so we can help customers
>> troubleshoot their problems. It would appear we have three main
>> classes of (potential) security vulnerabilities:
> The severity of these potential vulnerabilities may partly depend on
> how well sosreport authenticates the server it sends information to.
> Cheers,
> --
> intrigeri

Just wanna mention that sosreport is used by many companies other than red  
hat (e.g. a company may ask for an sosreport from their customers), i know  
that we use it to get environment data from customers.



This email is free from viruses and malware because avast! Antivirus protection is active.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ