World-readable permissions on ntlmaps configuration file in pre-0.9.9 versions allow unauthorized access to credentials

World-readable permissions on ntlmaps configuration file in pre-0.9.9 versions allow unauthorized access to credentials

CVE-2005-2962 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The post-installation script for ntlmaps before 0.9.9 sets world-readable permissions for the configuration file, which allows local users to obtain the username and password.

Learn more about our User Device Pen Test.