pulp /etc/pulp/pulp.conf world readable, contains default admin password

Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf, which allows local users to read the administrative password by reading this file...

Safend Data Protector information leakage

Private key is logged into user readable file...

Oracle Exadata Leaf Switch Weak Logins

Oracle Exadata leaf switch logins From Oracle.com "Oracle Exadata is the only database machine that provides extreme performance for both data warehousing and OLTP applications, making it the ideal platform for consolidating on private clouds. It is a complete package of servers, storage,...

rhncfg: Insecure permissions used for /var/log/rhncfg-actions file

Red Hat Network RHN Configuration Client rhncfg-client in rhncfg before 5.10.27-8 uses weak permissions world-readable for /var/log/rhncfg-actions, which allows local users to obtain sensitive information about the rhncfg-client actions by reading the file...

Fedora 17 : dracut-018-105.git20120927.fc17 (2012-14953)

dracut-018-105.git20120927 - enable the use of the nbd port with e.g. '-N ltsp' - actually make resetoverlay working for squash overlays - fixed FIPS - if any mdraid found, make dracut run on shutdown - make the initramfs non-world readable Note that Tenable Network Security has extracted the...

DEBIAN-CVE-2012-4453

dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information...

CVE-2012-4453

dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information...

CVE-2012-4453

dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information...

Information disclosure

dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information...

UBUNTU-CVE-2012-4453

dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information...

Fedora Update for perl-Config-IniFiles FEDORA-2012-7763

Check for the Version of perl-Config-IniFiles OpenVAS Vulnerability Test Fedora Update for perl-Config-IniFiles FEDORA-2012-7763 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

DEBIAN-CVE-2011-4944

Python 2.6 through 3.2 creates /.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file...

Race condition

Python 2.6 through 3.2 creates /.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file...

PSF-2012-2 pypirc created insecurely

Python 2.6 through 3.2 creates /.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a username and password by reading this file...

CVE-2012-3457

PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for processperfdata.cfg, which allows local users to obtain the Gearman shared secret by reading the file...

CVE-2012-3457

CVE-2012-3457 affects PNP4Nagios 0.6–0.6.16. The root cause is world-readable permissions on the file process_perfdata.cfg , which allows local users to read the Gearman shared secret . Public references include NVD, OpenVAS/Fedora advisories, and Ubuntu/Prion entries confirming the same vulnerab...

CVE-2012-0421

The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by reading this file...

CVE-2012-0421

The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by reading this file...

Scientific Linux Security Update : gfs2-utils on SL5.x i386/x86_64

Multiple insecure temporary file use flaws were discovered in GFS2 user level utilities. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities typically root with the output of the utilities via a symbolic link attack. CVE-2008-6552 Thi...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues : - A NULL pointer dereference flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A remote attacker could send a...