Insecure Permissions in install-chef-suse.sh Script Allows Unauthorized Data Access

Insecure Permissions in install-chef-suse.sh Script Allows Unauthorized Data Access

CVE-2012-0433 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.