World-readable and Writable File Permissions in tac_plus Tacacs+ Daemon F4.0.4.alpha

World-readable and Writable File Permissions in tac_plus Tacacs+ Daemon F4.0.4.alpha

CVE-2002-0225 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.

Learn more about our Cis Benchmark Audit For Cisco.