Vulnerability in Redhat Enterprise_linux
CVE-2005-1760
sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.
EPSS: 0.020 (77.8th percentile) — read the EPSS interpretation.
Affected products
- Redhat Enterprise_linux — versions 2.1, 3.0, 4.0
- Redhat Enterprise_linux_desktop — versions 3.0, 4.0
- Redhat Linux_advanced_workstation — versions 2.1
- Redhat Sysreport — versions 1.1, 1.2, 1.3
- N/a — versions n/a
References
- secalert@redhat.com (x_refsource_OVAL, signature, vdb-entry)
- secalert@redhat.com (x_refsource_OVAL, signature, vdb-entry)
- secalert@redhat.com (vdb-entry, x_refsource_BID)
- secalert@redhat.com (x_refsource_SECUNIA, third-party-advisory)
- secalert@redhat.com (vdb-entry, x_refsource_SECTRACK)
- secalert@redhat.com (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)