ALAS-2016-666 ---- sos
|ID: oval:org.secpod.oval:def:1600380||Date: (C)2016-05-19 (M)2017-11-10|
|Class: PATCH||Family: unix|
An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the system.
|Amazon Linux AMI|