CVE-2010-2450

The keygen.sh script in Shibboleth SP 2.0 located in /usr/local/etc/shibboleth by default uses OpenSSL to create a DES private key which is placed in sp-key.pm. It relies on the root umask default 22 instead of chmoding the resulting file itself, so the generated private key is world readable by...

SUSE-SU-2025:1582-1 Security update for brltty

This update for brltty fixes the following issues: - Avoid having brlapi.key temporarily world-readable during creation bsc1235438...

PT-2025-23182 · Suse · Brltty

This update for brltty fixes the following issues: - Avoid having brlapi.key temporarily world-readable during creation bsc1235438...

PT-2025-23184 · Suse · Brltty

This update for brltty fixes the following issues: - Avoid having brlapi.key temporarily world-readable during creation bsc1235438...

bind: /etc/rndc.key has 644 permissions by default

Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named...