CVE-2012-2760
CVE-2012-2760 affects mod_auth_openid for Apache prior to 0.7. The vulnerability stems from the database file /tmp/mod_auth_openid.db being world-readable, enabling local users to access session IDs. Impact is local session hijacking if an attacker can read the file; exploitation details confirm ...