Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2005:502-01
HistoryJun 13, 2005 - 10:49 p.m.

sysreport security update

2005-06-1322:49:35
CentOS Project
lists.centos.org
39

0.001 Low

EPSS

Percentile

25.1%

JSON

CentOS Errata and Security Advisory CESA-2005:502-01

Sysreport is a utility that gathers information about a system’s hardware
and configuration. The information can then be used for diagnostic purposes
and debugging.

When run by the root user, sysreport includes the contents of the
/etc/sysconfig/rhn/up2date configuration file. If up2date has been
configured to connect to a proxy server that requires an authentication
password, that password is included in plain text in the system report.
The Common Vulnerabilities and Exposures project assigned the name
CAN-2005-1760 to this issue.

Users of sysreport should update to this erratum package, which contains a
patch that removes any proxy authentication passwords.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-June/074014.html

Affected packages:
sysreport

OSVersionArchitecturePackageVersionFilename
CentOS2noarchsysreport< 1.3.7.0-4sysreport-1.3.7.0-4.noarch.rpm

Related

cvelist 1
cve 1
nessus 2
redhat 1
centos 1
cvelist
cvelist
CVE-2005-1760
2005-06-14 04:00:00
cve
cve
CVE-2005-1760
2005-06-13 04:00:00
nessus
nessus
RHEL 2.1 / 3 / 4 : sysreport (RHSA-2005:502)
2005-06-13 00:00:00
CentOS 3 / 4 : sysreport (CESA-2005:502)
2006-07-05 00:00:00
redhat
redhat
(RHSA-2005:502) sysreport security update
2005-06-13 00:00:00
centos
centos
sysreport security update
2005-06-13 14:57:28

0.001 Low

EPSS

Percentile

25.1%

JSON
Related for CESA-2005:502-01
cvelist1cve1nessus2redhat1centos1