oss-sec mailing list archives
CVE request: skunkweb world-readable logdir
From: Agostino Sarubbo <ago () gentoo org>
Date: Sun, 24 Feb 2013 19:45:59 +0100
skunkweb, a robust Python web application server, produces a world-readable log. # ls -la /var/log/skunkweb/sw.log -rw-r--r-- 1 skunkweb skunkweb 4529 Feb 24 19:41 /var/log/skunkweb/sw.log The development seems dead. Upstream site: http://skunkweb.sourceforge.net/ -- Agostino Sarubbo Gentoo Linux Developer
Current thread:
- CVE request: skunkweb world-readable logdir Agostino Sarubbo (Feb 24)
- Re: CVE request: skunkweb world-readable logdir Kurt Seifried (Feb 25)