New Search

sysreport Plaintext Password Leak

oval:org.mitre.oval:def:623

sysreport 1.3.15 and earlier includes contents of the up2date file in a report which leaks the password for a proxy server in plaintext and allows local users to gain privileges.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 3
Class:
vulnerability
Reference(s):
  • CVE-2005-1760
Product(s):
  • sysreport