2198 matches found
Mandriva Linux Security Advisory : ldns (MDVSA-2014:085)
Updated ldns packages fix security vulnerability : ldns-keygen creates a private key with the default permissions according to the users umask, which in most cases will cause the private key to be world-readable CVE-2014-3209. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
CVE-2013-4577
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the passwordpbkdf2 directive in the file...
DEBIAN-CVE-2013-4577
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the passwordpbkdf2 directive in the file...
CVE-2013-4577
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the passwordpbkdf2 directive in the file...
Default credentials
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the passwordpbkdf2 directive in the file...
UBUNTU-CVE-2013-4577
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the passwordpbkdf2 directive in the file...
CVE-2013-4577
CVE-2013-4577 affects GNU GRUB via a Debian patch that leaves grub.cfg world-readable, allowing local users to read password hashes (via the password_pbkdf2 directive). The impact is partial confidentiality; exploitation details are not provided in the supplied documents, and no remediation infor...
CVE-2013-4577
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the passwordpbkdf2 directive in the file...
CVE-2013-4577
A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the passwordpbkdf2 directive in the file...
PT-2014-2837 · Debian +1 · Debian +1
Name of the Vulnerable Software and Affected Versions: Debian affected versions not specified Description: The issue concerns a Debian patch for GNU GRUB that uses world-readable permissions for the grub.cfg file. This allows local users to obtain password hashes by reading the password pbkdf2...
Updated ldns package fixes CVE-2014-3209
Updated ldns packages fix security vulnerability: ldns-keygen creates a private key with the default permissions according to the users umask, which in most cases will cause the private key to be world-readable CVE-2014-3209...
CVE-2014-0135
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
CVE-2013-0345
varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. NOTE: some of these details are obtained from third party information...
Design/Logic Flaw
Kafo before 0.3.17 and 0.4.x before 0.5.2, as used by Foreman, uses world-readable permissions for defaultvalues.yaml, which allows local users to obtain passwords and other sensitive information by reading the file...
CVE-2013-0345
CVE-2013-0345 affects Varnish 3.0.3, where world-readable permissions on /var/log/varnish/ and its log files allow local users to read sensitive information. The vulnerability is evidenced across multiple feeds (NVD entry and GLSA 2014-12-30, Fedora/OpenVAS entries) and is rated low by CVSS v2 (L...
CVE-2013-0345
varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. NOTE: some of these details are obtained from third party information...
PT-2014-2452 · Varnish · Varnish
Name of the Vulnerable Software and Affected Versions: varnish version 3.0.3 Description: The issue allows local users to obtain sensitive information by reading the log files in the /var/log/varnish/ directory due to world-readable permissions. Recommendations: For varnish version 3.0.3, conside...
DEBIAN-CVE-2014-0164
openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by reading the file...
CVE-2014-0164
openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by reading the file...
CVE-2014-0164
openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by reading the file...