CVE-2013-0337 on Ubuntu 12.04 LTS (precise) - low.
Description:
The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.