3 matches found
Ubuntu 4.10 : reportbug information disclosure (USN-88-1)
Rolf Leggewie discovered two information disclosure bugs in reportbug. The per-user configuration file /.reportbugrc was created world-readable. If it contained email smarthost passwords, these were readable by any other user on the computer storing the home directory. reportbug usually includes...
CVE-2005-0624
CVE-2005-0624 affects reportbug before 2.62; .reportbugrc is created with world‑readable permissions, allowing local users to obtain email smarthost passwords. Impact: partial confidentiality; exploit requires local access. NVD metrics show LOW severity (AV:L, AC:L, AU:N). The provided documents ...
DEBIAN-CVE-2005-0624
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords...