Vulnerability Details CVE-2008-2367
Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.2%
CVSS Severity
CVSS v2 Score 2.1
References
- http://secunia.com/advisories/33540
- http://securitytracker.com/id?1021608
- http://www.securityfocus.com/bid/33288
- http://www.vupen.com/english/advisories/2009/0145
- https://bugzilla.redhat.com/show_bug.cgi?id=451998
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48021
- https://rhn.redhat.com/errata/RHSA-2009-0006.html
- https://rhn.redhat.com/errata/RHSA-2009-0007.html
- http://secunia.com/advisories/33540
- http://securitytracker.com/id?1021608
- http://www.securityfocus.com/bid/33288
- http://www.vupen.com/english/advisories/2009/0145
- https://bugzilla.redhat.com/show_bug.cgi?id=451998
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48021
- https://rhn.redhat.com/errata/RHSA-2009-0006.html
- https://rhn.redhat.com/errata/RHSA-2009-0007.html
Products affected by CVE-2008-2367
-
cpe:2.3:a:redhat:certificate_system:7.2