Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.
https://exchange.xforce.ibmcloud.com/vulnerabilities/19087
http://www.debian.org/security/2005/dsa-659