CVE-2012-6116
CVE-2012-6116 affects Katello: the file modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 creates the Candlepin bootstrap RPM with world-writable (0666) permissions. This allows local users to modify the Candlepin CA certificate used to trust the Katello server by writing...