Lucene search
HistorySep 01, 2004 - 4:00 a.m.
CVE-2002-1509
cve-2002-1509
shadow-utils
useradd
mail spool
read/write privileges
nvd
6.5 Medium
AI Score
Confidence
Low
3.6 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
24.6%
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user’s group (mode 660), which allows other users in the same group to read or modify the new user’s incoming email.
Affected configurations
Node
redhatlinuxMatch7.2
ORredhatlinuxMatch7.2ia64
ORredhatlinuxMatch7.3
ORredhatlinuxMatch8.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:linux | redhat linux | eq | 7.2 |
| redhat:linux | redhat linux | eq | 7.3 |
| redhat:linux | redhat linux | eq | 8.0 |
Related
nessus
nessus
RHEL 2.1 : shadow-utils (RHSA-2003:058)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : shadow-utils (MDKSA-2003:026)
2004-07-31 00:00:00
cvelist
cvelist
CVE-2002-1509
2004-09-01 04:00:00
redhat
redhat
(RHSA-2003:058) shadow-utils security update
2003-02-25 00:00:00
securityvulns
securityvulns
[RHSA-2003:057-06] Updated shadow-utils packages fix exposure
2003-02-21 00:00:00
nvd
nvd
CVE-2002-1509
2003-03-03 05:00:00
6.5 Medium
AI Score
Confidence
Low
3.6 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
0.001 Low
EPSS
Percentile
24.6%
Related for CVE-2002-1509