The quagga package before 0.99.23-2.6.1 in openSUSE and SUSE Linux
Enterprise Server 11 SP 1 uses weak permissions for /etc/quagga, which
allows local users to obtain sensitive information by reading files in the
directory.
Author | Note |
---|---|
mdeslaur | description mentions SUSE, but debian/ubuntu package has similar issue. |