Computer Security
[EN] securityvulns.ru no-pyccku


acpid weak file permission
Published:21.12.2009
Source:
SecurityVulns ID:10486
Type:local
Threat Level:
5/10
Description:Log file is created world readable.
Affected:ACPID : acpid 1.0
CVE:CVE-2009-4235 (acpid 1.0.4 sets an unrestrictive umask, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file or cause a denial of service by overwriting this file, a different vulnerability than CVE-2009-4033.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1960-1] New acpid packages fix weak file permissions (21.12.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod