← voltar
CVE-2006-1174

CVE-2006-1174

EPSS 0.4%
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.aschttp://cvs.pld.org.pl/shadow/NEWS?rev=1.109http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.htmlhttp://secunia.com/advisories/20370http://secunia.com/advisories/20506http://secunia.com/advisories/25098http://secunia.com/advisories/25267http://secunia.com/advisories/25629http://secunia.com/advisories/25894http://secunia.com/advisories/25896http://secunia.com/advisories/26909http://secunia.com/advisories/27706