Package: login
Version: 1:4.0.3-30.7
Severity: critical
Tags: security
Justification: root security hole
It seems that /var/log/btmp is created as a world readable file.
This is insecure (and it is reported by 'tiger') because this file
contains failed logins , including unknown usernames. It is
On Sun, Jan 16, 2005 at 09:51:44PM +0200, Stefanos Harhalakis wrote:
Package: login
Version: 1:4.0.3-30.7
Severity: critical
Tags: security
Justification: root security hole
It seems that /var/log/btmp is created as a world readable file.
This is insecure (and it is reported by 'tiger')
On Sun, Jan 16, 2005 at 10:36:46PM +0200, Stefanos Harhalakis wrote:
On Sunday 16 January 2005 22:24, Justin Pryzby wrote:
On Sun, Jan 16, 2005 at 09:51:44PM +0200, Stefanos Harhalakis wrote:
Package: login
Version: 1:4.0.3-30.7
Severity: critical
Tags: security
Justification:
- Forwarded message from Stefanos Harhalakis [EMAIL PROTECTED] -
X-Original-To: [EMAIL PROTECTED]
From: Stefanos Harhalakis [EMAIL PROTECTED]
To: Justin Pryzby [EMAIL PROTECTED]
Subject: Re: Bug#290803: login: /var/log/btmp is created with insecure
permissions
Cc: [EMAIL PROTECTED]
X
4 matches
Mail list logo