World-readable permissions in Domain Technologie Control (DTC) setup script for /etc/apache2/apache2.conf allows local users to obtain dtcdaemons MySQL password

World-readable permissions in Domain Technologie Control (DTC) setup script for /etc/apache2/apache2.conf allows local users to obtain dtcdaemons MySQL password

CVE-2011-3196 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The setup script in Domain Technologie Control (DTC) before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by reading the file.

Learn more about our Cis Benchmark Audit For Apache Http Server.