World-readable and Writable File Permissions in tac_plus Tacacs+ Daemon F4.0.4.alpha
CVE-2002-0225 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.
Learn more about our Cis Benchmark Audit For Cisco.