Information Disclosure Vulnerability in Eject 2.0.10

Information Disclosure Vulnerability in Eject 2.0.10

CVE-2003-1399 · LOW Severity

AV:L/AC:M/AU:N/C:P/I:N/A:N

eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensitive information.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.