oval:org.mitre.oval:def:997

Definition Id: oval:org.mitre.oval:def:997

Oval ID:	oval:org.mitre.oval:def:997
Title:	Red Hat Enterprise Linux 3 Kernel Serial Link Information Disclosure Vulnerability
Description:	/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2003-0461	Version:	4
Platform(s):	Red Hat Enterprise Linux 3	Product(s):
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND ix86 architecture AND kernel version is less than 2.4.21-15.EL AND Configuration section /proc/tty/driver/serial is world-readable AND /proc/tty/driver/ is world-executable AND /proc/tty/ is world-executable AND /proc/ is world-executable