Описание
Red Hat Network (RHN) Configuration Client (rhncfg-client) in rhncfg before 5.10.27-8 uses weak permissions (world-readable) for /var/log/rhncfg-actions, which allows local users to obtain sensitive information about the rhncfg-client actions by reading the file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Satellite 5.6 | Server | Affected | ||
| Red Hat Network Tools for RHEL 5 | rhncfg | Fixed | RHSA-2012:1369 | 15.10.2012 |
| Red Hat Network Tools for RHEL 5.3.LL | rhncfg | Fixed | RHSA-2012:1369 | 15.10.2012 |
| Red Hat Network Tools for RHEL 5.6.Z | rhncfg | Fixed | RHSA-2012:1369 | 15.10.2012 |
| Red Hat Network Tools for RHEL 6 | rhncfg | Fixed | RHSA-2012:1369 | 15.10.2012 |
| Red Hat Network Tools for RHEL 6.0.Z | rhncfg | Fixed | RHSA-2012:1369 | 15.10.2012 |
| Red Hat Network Tools for RHEL 6.1.Z | rhncfg | Fixed | RHSA-2012:1369 | 15.10.2012 |
| Red Hat Network Tools for RHEL 6.2.Z | rhncfg | Fixed | RHSA-2012:1369 | 15.10.2012 |
| Red Hat Network Tools for RHEL 6.3.Z | rhncfg | Fixed | RHSA-2012:1369 | 15.10.2012 |
Показывать по
Дополнительная информация
Статус:
6.2 Medium
CVSS2
Связанные уязвимости
Red Hat Network (RHN) Configuration Client (rhncfg-client) in rhncfg before 5.10.27-8 uses weak permissions (world-readable) for /var/log/rhncfg-actions, which allows local users to obtain sensitive information about the rhncfg-client actions by reading the file.
Red Hat Network (RHN) Configuration Client (rhncfg-client) in rhncfg before 5.10.27-8 uses weak permissions (world-readable) for /var/log/rhncfg-actions, which allows local users to obtain sensitive information about the rhncfg-client actions by reading the file.
6.2 Medium
CVSS2