CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-4040

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1610%
EPSS Percentile12.25th
Published2014年6月17日
Last Modified2026年5月6日

Vulnerability Description

snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.

Affected Platforms (CPE)

📦
Powerpc Utils Project

Powerpc Utils

= 1.2.20

References & Advisories

🔗 http://openwall.com/lists/oss-security/2014/06/17/1
🔗 http://rhn.redhat.com/errata/RHSA-2015-0384.html
🔗 http://openwall.com/lists/oss-security/2014/06/17/1
🔗 http://rhn.redhat.com/errata/RHSA-2015-0384.html

関連する脆弱性情報

CVE-2014-816510.0

scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module unsafely, which allows remote attackers ...

CVE-2020-16435.5

Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...