CVE-1999-1572

1996-07-1604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-1999-1572

freebsd

debian

gnu/linux

cpio

umask

local users

cybersecurity

nvd

5.9 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

14.3%

JSON

cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.

CPENameOperatorVersion
redhat:enterprise_linuxredhat enterprise linuxeq4.0
ubuntu:ubuntu_linuxubuntu ubuntu linuxeq4.10
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq9.2
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeqcs3.0
freebsd:freebsdfreebsdeq2.1.0
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq10.0
redhat:enterprise_linux_desktopredhat enterprise linux desktopeq4.0
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeqcs2.1
debian:debian_linuxdebian debian linuxeq3.0
mandrakesoft:mandrake_linuxmandrakesoft mandrake linuxeq10.1

CPE	Name	Operator	Version
redhat:enterprise_linux	redhat enterprise linux	eq	4.0
ubuntu:ubuntu_linux	ubuntu ubuntu linux	eq	4.10
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	9.2
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	cs3.0
freebsd:freebsd	freebsd	eq	2.1.0
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	10.0
redhat:enterprise_linux_desktop	redhat enterprise linux desktop	eq	4.0
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	cs2.1
debian:debian_linux	debian debian linux	eq	3.0
mandrakesoft:mandrake_linux	mandrakesoft mandrake linux	eq	10.1