CVE-2015-0257 Information

Description

Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup which allows local users to obtain sensitive information by reading files in the directory.

Reference

http://rhn.redhat.com/errata/RHSA-2015-0888.html http://www.securitytracker.com/id/1032231