World-readable permissions on snmpd.config file in bsnmpd in FreeBSD 9.3, 10.1, and 10.2 allow local users to obtain secret key for USM authentication

World-readable permissions on snmpd.config file in bsnmpd in FreeBSD 9.3, 10.1, and 10.2 allow local users to obtain secret key for USM authentication

CVE-2015-5677 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config file, which allows local users to obtain the secret key for USM authentication by reading the file.

Learn more about our User Device Pen Test.