CVE-2008-2367

Severity

21%

Complexity

39%

Confidentiality

48%

Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.

Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N).

Overview

First reported 16 years ago

2009-01-20 16:30:00

Last updated 7 years ago

2017-08-08 01:30:00

Affected Software

Red Hat Certificate System 7.2

7.2

References

33540

Vendor Advisory

1021608

33288

ADV-2009-0145

https://bugzilla.redhat.com/show_bug.cgi?id=451998

redhat-cs-configfile-info-disclosure(48021)

RHSA-2009:0006

Vendor Advisory

RHSA-2009:0007

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.