Red Hat Network (RHN) Configuration Client (rhncfg-client) in rhncfg before 5.10.27-8 uses weak permissions (world-readable) for /var/log/rhncfg-actions, which allows local users to obtain sensitive information about the rhncfg-client actions by reading the file.
References
Configurations
Information
Published : 2012-10-22 16:55
Updated : 2017-08-28 18:31
NVD link : CVE-2012-2679
Mitre link : CVE-2012-2679
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
redhat
- rhncfg