Package: open-iscsi Version: 1.0.485-3 Severity: grave Tags: security Justification: user security hole
/var/lib/open-iscsi/* files are world-readable by default and may contain usernames and password used to authenticate both the initiator and the target -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16.19 Locale: LANG=fr_FR, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages open-iscsi depends on: ii libc6 2.3.6.ds1-7 GNU C Library: Shared libraries ii libdb4.3 4.3.29-6 Berkeley v4.3 Database Libraries [ open-iscsi recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
