From f3581ec9b2d48c6103c22fecb46f713217d834e8 Mon Sep 17 00:00:00 2001 From: dann frazier Date: Thu, 17 Aug 2006 00:24:25 +0000 Subject: move retired to the top level hierarchy so people can easily checkout just the active issues git-svn-id: svn+ssh://svn.debian.org/svn/kernel-sec@548 e094ebfe-e918-0410-adfb-c712417f3574 --- retired/CVE-2003-0501 | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 retired/CVE-2003-0501 (limited to 'retired/CVE-2003-0501') diff --git a/retired/CVE-2003-0501 b/retired/CVE-2003-0501 new file mode 100644 index 00000000..abd9ec50 --- /dev/null +++ b/retired/CVE-2003-0501 @@ -0,0 +1,33 @@ +Candidate: CVE-2003-0501 +References: + BUGTRAQ:20030620 Linux /proc sensitive information disclosure + URL:http://marc.theaimsgroup.com/?l=bugtraq&m=105621758104242 + REDHAT:RHSA-2003:198 + URL:http://www.redhat.com/support/errata/RHSA-2003-198.html + REDHAT:RHSA-2003:238 + URL:http://www.redhat.com/support/errata/RHSA-2003-238.html + SUSE:SuSE-SA:2003:034 + DEBIAN:DSA-358 + URL:http://www.debian.org/security/2004/dsa-358 + DEBIAN:DSA-423 + URL:http://www.debian.org/security/2004/dsa-423 + OVAL:OVAL328 + URL:http://oval.mitre.org/oval/definitions/data/oval328.html +Description: + The /proc filesystem in Linux allows local users to obtain + sensitive information by opening various entries in /proc/self + before executing a setuid program, which causes the program to + fail to change the ownership and permissions of those entries. +Notes: +Bugs: +upstream: released (2.4.22-pre10) +linux-2.6: N/A +2.6.8-sarge-security: N/A +2.4.27-sarge-security: N/A +2.4.19-woody-security: released (2.4.19-4.woody3) +2.4.18-woody-security: released (2.4.18-10) +2.4.17-woody-security: released (2.4.17-1woody4) +2.4.16-woody-security: released (2.4.16-1woody3) +2.4.17-woody-security-hppa: released (32.5) +2.4.17-woody-security-ia64: released (011226.14.1) +2.4.18-woody-security-hppa: released (62.4) -- cgit v1.2.3