CVE-2002-1970 Information

Description

SnortCenter 0.9.5 when configured to push Snort rules stores the rules in a temporary file with world-readable and world-writable permissions which allows local users to obtain usernames and passwords for the alert database servers.

Reference

http://online.securityfocus.com/archive/1/298587 http://www.iss.net/security_center/static/10540.php http://www.securityfocus.com/bid/6109