Vulnerabilities > Incorrect Default Permissions

DATE CVE VULNERABILITY TITLE RISK
2001-07-21 CVE-2001-0497 Incorrect Default Permissions vulnerability in ISC Bind
dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates.
local
low complexity
isc CWE-276
7.8
7.8
1999-03-01 CVE-1999-0426 Incorrect Default Permissions vulnerability in Suse Linux 6.0
The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.
network
low complexity
suse CWE-276
critical
 9.8
9.8