Oval Definition:oval:org.mitre.oval:def:997
Revision Date:2012-04-23Version:21
Title:Red Hat Enterprise Linux 3 Kernel Serial Link Information Disclosure Vulnerability
Description:/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2003-0461
Platform(s):Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • Software section
  • Red Hat Enterprise 3 is installed
  • AND ix86 architecture
  • AND kernel version is less than 2.4.21-15.EL
  • AND Configuration section
  • /proc/tty/driver/serial is world-readable
  • AND /proc/tty/driver/ is world-executable
  • AND /proc/tty/ is world-executable
  • AND /proc/ is world-executable
    • BACK