CVE-2008-2367 Information

Description

Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files which allows local users to discover passwords by reading these files.

Reference

http://secunia.com/advisories/33540 http://securitytracker.com/id?1021608 http://www.securityfocus.com/bid/33288 http://www.vupen.com/english/advisories/2009/0145 https://bugzilla.redhat.com/show_bug.cgi?id=451998 https://exchange.xforce.ibmcloud.com/vulnerabilities/48021 https://rhn.redhat.com/errata/RHSA-2009-0006.html https://rhn.redhat.com/errata/RHSA-2009-0007.html