CVSS2: 3.7 Low
Access Vector: LOCAL
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P
EPSS: 0.002 Low
Percentile: 50.8%
The Shadow Utilities contain a vulnerability that may result in new user mailboxes having arbitrary permissions.
The Shadow Utilities provide tools to manage user accounts.
When a new mailbox is created using the useradd utility, the open() function does not receive the expected arguments while O_CREAT is present. The result of this error is that random permissions are applied to the new mailbox.
A local, unprivileged attacker may be able to gain access to newly created mailbox files.
Affected vendors have released updates to address this issue. Users are encouraged to see the Systems Affected portion of this document for a partial list of affected vendors.
312692
Notified: May 17, 2006 Updated: December 14, 2007
Affected
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
See <http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml> for more details.
Notified: May 17, 2006 Updated: May 23, 2006
Not Affected
Mac OS X does not ship with shadow-utils installed.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 17, 2006 Updated: May 22, 2006
Not Affected
This is a local vulnerability on BIG-IP and as such will be patched at the next release.
FirePass is not vulnerable.
WANJet is not vulnerable.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 17, 2006 Updated: May 17, 2006
Not Affected
Openwall GNU/*/Linux (Owl) is not affected. We had fixed this issue while introducing this functionality into Owl in November, 2001. With our re-implementation of the patch, the mailbox had always been created with mode 0 (no permissions) initially and only set to the intended mode after a successful change of its owner and group.
The vendor has not provided us with any further information regarding this vulnerability.
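The open() misuse described above and the creation order in the Openwall statement (mode 0 first, intended mode only after the owner and group are set), as an added example that is not code from shadow-utils or Owl. The helper names, the flags and the /tmp path are assumptions made for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* Shape of the flawed call (illustrative flags, kept as a comment):
 *     fd = open(path, O_CREAT | O_WRONLY);
 * open() is variadic: with O_CREAT it reads a third mode_t argument. When the
 * caller omits it, the mode is whatever value sits in that argument slot. */

/* Hypothetical helper: create with mode 0, set owner and group, then mode. */
int create_mailbox(const char *path, uid_t uid, gid_t gid, mode_t mode)
{
    int fd = open(path, O_CREAT | O_EXCL | O_WRONLY | O_NOFOLLOW, (mode_t)0);
    if (fd < 0)
        return -1;                      /* includes EEXIST: never reuse a file */
    if (fchown(fd, uid, gid) != 0 || fchmod(fd, mode) != 0) {
        close(fd);
        unlink(path);                   /* do not leave a half-set-up mailbox */
        return -1;
    }
    return close(fd);
}

/* Constructed demo: returns the permission bits of the new file, or -1. */
int demo_mailbox_mode(void)
{
    char dir[] = "/tmp/mboxdemoXXXXXX", path[64];
    struct stat st;
    int result = -1;
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(path, sizeof path, "%s/newuser", dir);
    umask(0);                           /* worst case: umask masks nothing */
    if (create_mailbox(path, geteuid(), getegid(), 0660) == 0 &&
        create_mailbox(path, geteuid(), getegid(), 0660) == -1 && /* O_EXCL */
        stat(path, &st) == 0)
        result = (int)(st.st_mode & 07777);
    unlink(path);
    rmdir(dir);
    return result;
}

int main(void)
{
    printf("mailbox mode: %o\n", (unsigned)demo_mailbox_mode());
    return 0;
}
```

Because the final mode is applied with fchmod() on the open descriptor, the result does not depend on the caller's umask, and the file is never reachable by anyone before its ownership is correct.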
Notified: May 12, 2006 Updated: May 12, 2006
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: May 17, 2006 Updated: May 17, 2006
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
This document was written by Jeff Gennari.
CVE IDs: CVE-2006-1174
Severity Metric: 0.23
Date Public:
cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/shadow-utils/shadow-4.0.4.1-owl-create-mailbox.diff?rev=HEAD
linux.die.net/man/8/useradd
www.gentoo.org/security/en/glsa/glsa-200606-02.xml
www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/Deployment_Guide-en-US/s1-users-tools.html
www.securityfocus.com/archive/1/archive/1/468336/100/0/threaded
www.securecoding.cert.org/confluence/x/VQBc