Description
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
References (7)
Core 7
Core References
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00671.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0300.html
Issue Tracking, Vendor Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-6283
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28180
Third Party Advisory vdb-entry
signature
x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9977
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/30313
Vendor Advisory vendor-advisory
x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2007-December/msg00587.html
Scores
EPSS
0.0042
EPSS Percentile
34.0%
Details
CWE
CWE-200
Status
published
Products (9)
centos/centos
5
fedoraproject/fedora_core
oracle/linux
5.0
redhat/enterprise_linux
5.0
redhat/enterprise_linux_desktop
5.0
redhat/enterprise_linux_for_ibm_z_systems
5.0_s390x
redhat/enterprise_linux_for_power_big_endian
5.0
redhat/enterprise_linux_server
5.0
redhat/enterprise_linux_workstation
5.0
Published
Dec 18, 2007
Tracked Since
Feb 18, 2026