World-readable pam_radius_auth.conf file in Debian GNU/Linux 3.0 allows local users to access sensitive information

World-readable pam_radius_auth.conf file in Debian GNU/Linux 3.0 allows local users to access sensitive information

CVE-2004-1340 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.