CVE-2013-4481 Information

Description

Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions which allows local users to read the file and obtain sensitive information such as \authentication secrets.\

Reference

http://rhn.redhat.com/errata/RHSA-2013-1603.html https://bugzilla.redhat.com/show_bug.cgi?id=988998