Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0345

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2013-0345
Last Modified 08 May 2014 10:49:25
Published 08 May 2014 10:29:08
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2013-0345

Summary

varnish 3.0.3 uses world-readable permissions for the /var/log/varnish/ directory and the log files in the directory, which allows local users to obtain sensitive information by reading the files. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Varnish-cache Varnish 3.0.3


References

BID - 58125

OSVDB - 90586

MLIST - [oss-security] 20130222 Re: CVE request: varnish world-readable logdir

MLIST - [oss-security] 20130222 CVE request: varnish world-readable logdir


Last Updated: 27 May 2016 10:44:59