CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-0421

The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by reading this file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.3%

CVSS Severity

CVSS v2 Score 2.1

References

http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00001.html
https://bugzilla.novell.com/771335
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00001.html
https://bugzilla.novell.com/771335

Products affected by CVE-2012-0421

Novell » Suse Audit Log Keeper » Version: 0.2.1

cpe:2.3:a:novell:suse_audit_log_keeper:0.2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-0421

Products

Pricing

Contact Us