RSS   Vulnerabilities for 'Mod auth openid'   RSS

2012-07-25
 
CVE-2012-2760

CWE-264
 

 
mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.

 


Copyright 2024, cxsecurity.com

 

Back to Top