CVE Reference: CVE-2012-5561

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2012-5561

Description:
script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc/katello/secure/passphrase, which allows local users to obtain the passphrase by reading the file.

CVE Status:
Candidate

References:

REDHAT
  http://rhn.redhat.com/errata/RHSA-2013-0544.html
  http://rhn.redhat.com/errata/RHSA-2013-0547.html

MISC

CONFIRM


Return to the previous page.