Security Advisory

CVE-2013-4481

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-11-23 11:00:00

Last updated 2024-08-06 16:45:14

Assigner redhat

State PUBLISHED

Description

Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as "authentication secrets."

← Browse all CVEs View on cve.org ↗