AuditLogKeeper ‘auditlog-keeper.conf’ Insecure File Permissions Vulnerability

Summary

AuditLogKeeper is prone to an insecure file-permissions vulnerability.

Credit:

The original article can be found at: http://www.securityfocus.com/bid/54821
The information has been provided by Michael Rutkowski of Duer Advanced Technology and Aerospace .


Details

Vulnerable Systems:
 *AuditLogKeeper ‘auditlog-keeper.conf’ Insecure File Permissions Vulnerability

An attacker can exploit this issue to obtain sensitive information, such as passwords. This may aid in further attacks.

Vendor Status:
Vendor as issued an updated vulnerability.

CVE Information:
CVE-2012-2960

Disclosure Timeline:
Initial Release: Published: Aug 06 2012

Categories: News