CVE-2014-4040 Information

Description

snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords and lacks a warning about reviewing this archive to detect included passwords which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.

Reference

http://openwall.com/lists/oss-security/2014/06/17/1 http://rhn.redhat.com/errata/RHSA-2015-0384.html