oval:org.mitre.oval:def:623

Definition Id: oval:org.mitre.oval:def:623

Oval ID:	oval:org.mitre.oval:def:623
Title:	sysreport Plaintext Password Leak
Description:	sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2005-1760	Version:	1
Platform(s):	Red Hat Enterprise Linux 3	Product(s):	sysreport
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND sysreport RPM earlier than 0:1.3.7.2-6 AND Configuration section /tmp is world-writable