World-readable permissions for /etc/auditlog-keeper.conf in SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1

CVE-2012-0421 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by reading this file.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.