Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-1999-1572HistoryJul 16, 1996 - 4:00 a.m.
CVE-1999-1572
1996-07-1604:00:00
Debian Security Bug Tracker
security-tracker.debian.org
8
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
14.5%
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | cpio | < 2.5-1.2 | cpio_2.5-1.2_all.deb |
| Debian | 11 | all | cpio | < 2.5-1.2 | cpio_2.5-1.2_all.deb |
| Debian | 10 | all | cpio | < 2.5-1.2 | cpio_2.5-1.2_all.deb |
| Debian | 999 | all | cpio | < 2.5-1.2 | cpio_2.5-1.2_all.deb |
| Debian | 13 | all | cpio | < 2.5-1.2 | cpio_2.5-1.2_all.deb |
Related
osv
osv
cpio - broken file permissions
2005-02-02 00:00:00
redhat
redhat
(RHSA-2005:080) cpio security update
2005-02-18 00:00:00
(RHSA-2005:073) cpio security update
2005-02-15 00:00:00
(RHSA-2005:806) cpio security update
2005-11-10 00:00:00
ubuntucve
ubuntucve
CVE-1999-1572
1996-07-16 00:00:00
nessus
nessus
Ubuntu 4.10 : cpio vulnerability (USN-75-1)
2006-01-15 00:00:00
Debian DSA-664-1 : cpio - broken file permissions
2005-02-03 00:00:00
Mandrake Linux Security Advisory : cpio (MDKSA-2005:032-1)
2005-02-11 00:00:00
ubuntu
ubuntu
cpio vulnerability
2005-02-04 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-664-1)
2008-01-17 00:00:00
Ubuntu: Security Advisory (USN-75-1)
2022-08-26 00:00:00
Debian Security Advisory DSA 664-1 (cpio)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 664-1] New cpio packages fix insecure file permissions
2005-02-02 16:57:21
[SECURITY] [DSA 664-1] New cpio packages fix insecure file permissions
2005-02-02 16:57:21
cve
cve
CVE-1999-1572
1996-07-16 04:00:00
centos
centos
cpio security update
2005-11-10 23:44:34
cert
cert
mod_python vulnerable to information disclosure via crafted URL
2005-02-21 00:00:00
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
14.5%
Related for DEBIANCVE:CVE-1999-1572