mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2012-07-25T19:00:00
Updated: 2024-08-06T19:42:32.450Z
Reserved: 2012-05-18T00:00:00
Link: CVE-2012-2760
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-07-25T19:55:05.477
Modified: 2017-08-29T01:31:42.070
Link: CVE-2012-2760
Redhat
No data.