CVE-2007-5686

Name of the Vulnerable Software and Affected Versions rPath Linux 1

Description The issue allows local users to obtain sensitive information regarding authentication attempts due to insecure permissions set for the /var/log/btmp file. This also prevents sshd from logging failed authentication attempts by remote attackers because sshd detects the insecure permissions and does not log certain events.

Recommendations For rPath Linux 1, consider changing the permissions of the /var/log/btmp file to secure it and ensure that sshd can log failed authentication attempts properly. As a temporary workaround, monitor the system for potential security breaches, focusing on authentication attempts.