CVE Vulnerabilities

CVE-2008-2367

Published: Jan 20, 2009 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.

Affected Software

Name Vendor Start Version End Version
Certificate_system Redhat 7.2 7.2
Red Hat Certificate System 7.2 for RHEL 4 RedHat pkisetup-0:7.2.0-7 *
Red Hat Certificate System 7.2 for RHEL 4 RedHat rhpki-ca-0:7.2.0-6 *
Red Hat Certificate System 7.2 for RHEL 4 RedHat rhpki-common-0:7.2.0-16 *
Red Hat Certificate System 7.2 for RHEL 4 RedHat rhpki-kra-0:7.2.0-5 *
Red Hat Certificate System 7.2 for RHEL 4 RedHat rhpki-ocsp-0:7.2.0-5 *
Red Hat Certificate System 7.2 for RHEL 4 RedHat rhpki-tks-0:7.2.0-5 *
Red Hat Certificate System 7.2 for RHEL 4 RedHat rhpki-tps-0:7.2.0-8 *
Red Hat Certificate System 7.3 RedHat pkisetup-0:7.3.0-14.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-ca-0:7.3.0-17.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-common-0:7.3.0-40.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-kra-0:7.3.0-13.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-ocsp-0:7.3.0-11.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-ra-0:7.3.0-67.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-tks-0:7.3.0-12.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-tps-0:7.3.0-23.el4 *
Red Hat Certificate System 7.3 RedHat rhpki-util-0:7.3.0-20.el4 *

References