2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
12.9%
GNU cpio copies files into or out of a cpio or tar archive.
It was discovered that cpio uses a 0 umask when creating files using the -O
(archive) option. This creates output files with mode 0666 (all can read
and write) regardless of the user’s umask setting. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-1999-1572 to this issue.
All users of cpio should upgrade to this updated package, which resolves
this issue, and adds support for large files (> 2GB).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | cpio | < 2.5-3e.3 | cpio-2.5-3e.3.ia64.rpm |