CVE-2006-6680

2006-12-2119:00:00

mitre

www.cve.org

chetcpasswd

permissions

sensitive information

local users

AI Score

6.1

Confidence

Low

EPSS

Percentile

5.1%

JSON

Pedro Lineu Orso chetcpasswd before 2.3.1 does not document the need for 0400 permissions on /etc/chetcpasswd.allow, which might allow local users to gain sensitive information by reading this file.

References

sourceforge.net/project/shownotes.php?group_id=68912&release_id=466649