Incorrect Default Permissions
CVE-2014-7301
Summary
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw.
- LOW
- LOCAL
- LOW
- UNCHANGED
- NONE
- LOW
- HIGH
- LOW
CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
References
Advisory Timeline
- Published