DescriptionThe SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by reading this file.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
- SUSE-SU-2012:0958-1, published Mon, 6 Aug 2012 18:08:35 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Manager 1.2 for SLE 11 SP1|| ||
SAT Patch Nr: 6603
Status of this issue by product and package
|SUSE Manager Server 1.2||auditlog-keeper||Released|
|SUSE Manager Server 1.7||auditlog-keeper||Affected|