oss-sec mailing list archives
Re: CVE request: monkeyd world-readable logdir
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 25 Feb 2013 14:02:00 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 02/24/2013 12:00 PM, Agostino Sarubbo wrote:
Monkeyd, a small, fast, and scalable web server, produces, at least on gentoo a world-readable log. # ls /var/log/monkeyd/master.log -la -rw-r--r-- 1 root root 0 Feb 24 19:56 /var/log/monkeyd/master.log Upstream site: http://www.monkey-project.com/
This also doesn't look to be very active/widely used. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJRK9FIAAoJEBYNRVNeJnmTje0QAJ4xJB1qwVL1gWIHCS6HxZHp 7+GMwU7QeTYtmRVMmtbdAW38A55FylDGHO6LTNQP5CX+4sZgA8taLRrhCMTcTgzu zvLNp4BeIIqtDwRD2QXIOII8xUastL4w5/X25zWFFbmMBOlQHy0SXwFqIOgzbdnO bLBw6wJB6EkFY5X+oFcQtvnjT6VmQXEX2v4hTJR0Nl3x1AUD3A6+99V9XVgIsBKJ MvkeGa59WIO9WXwMWpJNH5FqNL8KIqPBnqaKGcAgUFVMGb1grIcfb4wGXBI8L8ak jP6NesjI/IAfsTYcgggHP8R1NFc3+nGtdW4nwwAZTg/85x6zMwh6egEwbfLIXc7B MmiJCb1B6YneNjW5bI1bw0yUzKG7lEtnjZBcmjKRvFKDaUpGOd9bsuLfM4zx6Rpa 18qeNrr5vwql3NOMY+8JRw4/1mSL4y8Bb4G7j+dCxQY/t9sNF3x7LgYLWUmD76Yk fgSjbIuO78ERdZcROgy0tgQrKvGT09/DTj9quMg4koGXgsoWek9nF4AMjQ2jKUWp okEqfvOodcla5QfWk40JGWVksWh/pQf1JaTY1hG3vS8aon2Q/bjEBSniRxPp5QI5 TDgpjWzcya6wTGN8SKtXlskNjvGGXQvP5M4mCAwLnJ/HDPfZdHmScxGBtoZYd/v9 5JgoBdLcyLQ1Gn6kJz63 =9TG5 -----END PGP SIGNATURE-----
Current thread:
- CVE request: monkeyd world-readable logdir Agostino Sarubbo (Feb 24)
- Re: CVE request: monkeyd world-readable logdir Kurt Seifried (Feb 25)
- Re: CVE request: monkeyd world-readable logdir Agostino Sarubbo (Feb 26)
- Re: CVE request: monkeyd world-readable logdir Moritz Muehlenhoff (Feb 26)
- Re: CVE request: monkeyd world-readable logdir Kurt Seifried (Feb 26)
- Re: CVE request: monkeyd world-readable logdir Kurt Seifried (Feb 25)