RHEL 2.1 : fam (RHSA-2005:005)

This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.

Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated fam packages that fix an information disclosure bug are now

FAM, the File Alteration Monitor, provides a daemon and an API which
applications can use for notification of changes in specific files or

A bug has been found in the way FAM handles group permissions. It is
possible that a local unprivileged user can use a flaw in FAM's group
handling to discover the names of files which are only viewable to
users in the 'root' group. The Common Vulnerabilities and Exposures
project (cve.mitre.org) has assigned the name CVE-2002-0875 to this
issue. This issue only affects the version of FAM shipped with Red Hat
Enterprise Linux 2.1.

Users of FAM should update to these updated packages which contain
backported patches and are not vulnerable to this issue.

See also :


Solution :

Update the affected fam and / or fam-devel packages.

Risk factor :

Low / CVSS Base Score : 2.1

Family: Red Hat Local Security Checks

Nessus Plugin ID: 16108 ()

Bugtraq ID:

CVE ID: CVE-2002-0875

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now