CVE-2013-4455
CVE-2013-4455 affects the Katello Installer prior to 0.0.18. During deployment of a child Pulp node, it uses world-readable permissions on /etc/pki/tls/private/katello-node.key, enabling local users to read the private key. The primary impact is unauthorized access to the private key by anyone wi...