CVE-2005-1760 Information

Description

sysreport 1.3.15 and earlier includes contents of the up2date file in a report which leaks the password for a proxy server in plaintext and allows local users to gain privileges.

Reference

http://secunia.com/advisories/15675 http://securitytracker.com/id?1014181 http://www.redhat.com/support/errata/RHSA-2005-502.html http://www.securityfocus.com/bid/13936 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A623 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9522