Design/Logic Flaw

2009-01-2016:30:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.

CPENameOperatorVersion
certificate_systemeq7.2

CPE	Name	Operator	Version
	certificate_system	eq	7.2

References

secunia.com/advisories/33540

securitytracker.com/id?1021608

www.securityfocus.com/bid/33288

www.vupen.com/english/advisories/2009/0145

bugzilla.redhat.com/show_bug.cgi?id=451998

exchange.xforce.ibmcloud.com/vulnerabilities/48021

rhn.redhat.com/errata/RHSA-2009-0006.html

rhn.redhat.com/errata/RHSA-2009-0007.html