Bug #15517: Root password is sent to system journal in clear text when set - Discovery - Foreman

Actions

Copy link

Bug #15517

closed

Root password is sent to system journal in clear text when set

Added by Lukas Zapletal over 8 years ago. Updated over 8 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Lukas Zapletal

Category:

Image

Target version:

Discovery Image 3.2.0

Difficulty:

trivial

Triaged:

Bugzilla link:

1349138

Pull request:

https://github.com/theforeman/foreman-discovery-image/pull/77

Fixed in Releases:

Found in Releases:

Red Hat JIRA:

Description

By default root account is locked on discovered nodes, user needs to enable ssh service manually and enter root password in the dialog. Then it makes into the system journal in clear text.

This is being tracked as CVE-2016-4996, moderate impact.

Acknowledgments:

Name: Thom Carlin (Red Hat)

History
Notes
Property changes
Associated revisions

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Plugins » Discovery

Custom queries

Bug #15517

Root password is sent to system journal in clear text when set

Updated by Lukas Zapletal over 8 years ago

Updated by The Foreman Bot over 8 years ago

Updated by Lukas Zapletal over 8 years ago