Summary
The remote host is missing an update to prewikka
announced via advisory FEDORA-2009-3789.
Solution
Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update prewikka' at the command line.
For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-3789
Insight
The permissions on the prewikka.conf file are world readable and contain the sql database password used by prewikka. This update makes it readable just by the apache group.
ChangeLog:
* Fri Apr 17 2009 Steve Grubb 0.9.14-2
- Change default perms on conf file
* Thu Apr 24 2008 Steve Grubb 0.9.14-1
- new upstream release
Severity
Classification
-
CVE CVE-2010-2058 -
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities