CVE-2012-4574 Information

Description

Pulp in Red Hat CloudForms before 1.1 uses world-readable permissions for pulp.conf which allows local users to read the administrative password by reading this file.

Reference

http://osvdb.org/88138 http://rhn.redhat.com/errata/RHSA-2012-1543.html http://secunia.com/advisories/51472 http://www.securityfocus.com/bid/56819 https://bugzilla.redhat.com/show_bug.cgi?id=872487 https://exchange.xforce.ibmcloud.com/vulnerabilities/80548