From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20050519 Netscape/8.0.1 Description of problem: 05.24.17 CVE: CAN-2005-1760 Platform: Linux Title: RedHat Linux Sysreport Proxy Information Disclosure Description: up2date is the RedHat Update Agent software that allows users to download official updates and fixes. Sysreport is a utility designed to collect system information. Proxy authentication information is stored in the up2date configuration file "/etc/sysconfig/rhn/up2date". When sysreport executes, it discloses the contents of this file, including proxy authentication usernames and passwords. All unpatched versions are affected. Ref: http://rhn.redhat.com/errata/RHSA-2005-502.html Version-Release number of selected component (if applicable): How reproducible: Didn't try Additional info:
We don't support up2date, and never ask for sysreport information. Closing deferred.