Weak Permissions in Quagga Package Allows Local Information Disclosure

Weak Permissions in Quagga Package Allows Local Information Disclosure

CVE-2016-4036 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The quagga package before 0.99.23-2.6.1 in openSUSE and SUSE Linux Enterprise Server 11 SP 1 uses weak permissions for /etc/quagga, which allows local users to obtain sensitive information by reading files in the directory.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.