4 matches found
CVE-2014-4659
Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format...
CVE-2014-4659
Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format...
CVE-2014-4659
CVE-2014-4659 affects Ansible before 1.5.5, where sources.list may be created with 0644 permissions. This could allow local users to read credential information embedded in apt sources (e.g., a file formatted as deb http://user:pass@server:port/). The connected documents confirm the vulnerability...
CVE-2014-4659
Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format...