← Back

CVE-2011-3196

nvd nist
Published: Mar 21, 2014Modified: May 6, 2026

JSON object

Loading...
2.1
Vector
AV:L/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 3.9 / Impact: 2.9
Source: NVD

Description

The setup script in Domain Technologie Control (DTC) before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which allows local users to obtain the dtcdaemons MySQL password by reading the file.

Affected (35)

Gplhost
1 product
Domain Technologie Control
Configuration A
35 vulnerable
Vulnerable SoftwareAffected Versions
Gplhost
Domain Technologie Control
Up to 0.32.11
Domain Technologie Control
Version 0.24.6
Domain Technologie Control
Version 0.25.1
Domain Technologie Control
Version 0.25.2
Domain Technologie Control
Version 0.25.3
Domain Technologie Control
Version 0.26.7
Domain Technologie Control
Version 0.26.8
Domain Technologie Control
Version 0.26.9
Domain Technologie Control
Version 0.27.3
Domain Technologie Control
Version 0.28.10
Domain Technologie Control
Version 0.28.2
Domain Technologie Control
Version 0.28.3
Domain Technologie Control
Version 0.28.4
Domain Technologie Control
Version 0.28.6
Domain Technologie Control
Version 0.28.9
Domain Technologie Control
Version 0.29.10
Domain Technologie Control
Version 0.29.14
Domain Technologie Control
Version 0.29.15
Domain Technologie Control
Version 0.29.16
Domain Technologie Control
Version 0.29.17
Domain Technologie Control
Version 0.29.1
Domain Technologie Control
Version 0.29.6
Domain Technologie Control
Version 0.29.8
Domain Technologie Control
Version 0.30.10
Domain Technologie Control
Version 0.30.18
Domain Technologie Control
Version 0.30.20
Domain Technologie Control
Version 0.30.6
Domain Technologie Control
Version 0.30.8
Domain Technologie Control
Version 0.32.1
Domain Technologie Control
Version 0.32.2
Domain Technologie Control
Version 0.32.3
Domain Technologie Control
Version 0.32.4
Domain Technologie Control
Version 0.32.5
Domain Technologie Control
Version 0.32.6
Domain Technologie Control
Version 0.32.7

Related CWEs

CWE-264
CWE-264

References (10)

Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.