Lucene search

[email protected]CVE-2005-1976

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-1976

2005-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-1976

novell netmail

linux

arbitrary code execution

dos

8.5 High

AI Score

Confidence

High

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

24.3%

JSON

Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.

CPENameOperatorVersion
novell:netmailnovell netmaileq3.5.2

CPE	Name	Operator	Version
novell:netmail	novell netmail	eq	3.5.2

References

secunia.com/advisories/15763

securitytracker.com/id?1014251

support.novell.com/cgi-bin/search/searchtid.cgi?/10098022.htm

www.osvdb.org/17456

www.securityfocus.com/bid/14005

8.5 High

AI Score

Confidence

High

1.7 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

24.3%

JSON