CVE-2008-2368
N/A
N/A
Summary
Red Hat Certificate System 7.2 stores passwords in cleartext in the UserDirEnrollment log, the RA wizard installer log, and unspecified other debug log files, and uses weak permissions for these files, which allows local users to discover passwords by reading the files.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/33540
- http://www.vupen.com/english/advisories/2009/0145
- http://www.securityfocus.com/bid/33288
- http://securitytracker.com/id?1021608
- https://rhn.redhat.com/errata/RHSA-2009-0006.html
- https://bugzilla.redhat.com/show_bug.cgi?id=452000
- https://rhn.redhat.com/errata/RHSA-2009-0007.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48022
References
- http://secunia.com/advisories/33540
- http://www.vupen.com/english/advisories/2009/0145
- http://www.securityfocus.com/bid/33288
- http://securitytracker.com/id?1021608
- https://rhn.redhat.com/errata/RHSA-2009-0006.html
- https://bugzilla.redhat.com/show_bug.cgi?id=452000
- https://rhn.redhat.com/errata/RHSA-2009-0007.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48022
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.