Vulnerabilities > CVE-2002-0849 - Information Disclosure vulnerability in iSCSI Insecure Configuration File Permissions
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |