Description

varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. NOTE: some of these details are obtained from third party information.

Remediation

References

CVE-2013-0345

Related Vulnerabilities

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0800)

WordPress Plugin jQuery Mega Menu Widget 'skin' Parameter Local File Include (1.0)

Moodle Configuration Vulnerability (CVE-2012-0797)

Jenkins Incorrect Authorization Vulnerability (CVE-2021-21609)

WordPress Plugin Feedweb Unspecified Vulnerability (3.0.7)

Severity

Low

Classification

CVE-2013-0345 CWE-264

Tags

Missing Update Known Vulnerabilities