CVE-2014-0135 Information

Description

Kafo before 0.3.17 and 0.4.x before 0.5.2 as used by Foreman uses world-readable permissions for default_values.yaml which allows local users to obtain passwords and other sensitive information by reading the file.

Reference

http://theforeman.org/security.html