2 matches found
CVE-2005-1760
Summary: CVE-2005-1760 affects sysreport up to 1.3.15. When run as root, sysreport includes /etc/sysconfig/rhn/up2date; if a proxy password is configured, that password is written in plaintext in the report, enabling local privilege escalation. Affected software/versions: sysreport 1.3.15 and ear...
CVE-2005-2104
CVE-2005-2104 affects sysreport before 1.3.7, enabling local attackers to obtain sensitive information via a symlink attack on a temporary directory. Connected advisories document a fix: Red Hat RHSA-2005:598 (and CentOS/CESA-2005:598) update the sysreport package to resolve an insecure temporary...