Description
mod_auth_openid before 0.7 for Apache uses world-readable permissions for /tmp/mod_auth_openid.db, which allows local users to obtain session ids.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Peter Ellehauge · textlocallinux
https://www.exploit-db.com/exploits/18917
References (10)
Core 10
Core References
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.org/files/112991/Mod_Auth_OpenID-Session-Stealing.html
Third Party Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2012-05/0235.html
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:114
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75813
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/18917
Issue Tracking x_refsource_misc
https://github.com/bmuller/mod_auth_openid/pull/30
Various Sources x_refsource_confirm
https://github.com/bmuller/mod_auth_openid/blob/master/ChangeLog
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/49247
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/82139
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53661
Scores
EPSS
0.0037
EPSS Percentile
59.0%
Details
CWE
CWE-264
Status
published
Products (7)
findingscience/mod_auth_openid
0.1
findingscience/mod_auth_openid
0.2
findingscience/mod_auth_openid
0.2.1
findingscience/mod_auth_openid
0.3
findingscience/mod_auth_openid
0.4
findingscience/mod_auth_openid
0.5
findingscience/mod_auth_openid
< 0.6
Published
Jul 25, 2012
Tracked Since
Feb 18, 2026