5.9 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
14.3%
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.
marc.info/?l=bugtraq&m=110763404701519&w=2
secunia.com/advisories/14357
secunia.com/advisories/17063
secunia.com/advisories/17532
support.avaya.com/elmodocs2/security/ASA-2005-212.pdf
www.debian.org/security/2005/dsa-664
www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391
www.mandriva.com/security/advisories?name=MDKSA-2005:032
www.redhat.com/support/errata/RHSA-2005-073.html
www.redhat.com/support/errata/RHSA-2005-080.html
www.redhat.com/support/errata/RHSA-2005-806.html
www.trustix.org/errata/2005/0003/
exchange.xforce.ibmcloud.com/vulnerabilities/19167
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10888