CVE-2002-1509
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/03/2003
Last modified:
03/04/2025
Description
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
Impact
Base Score 2.0
3.60
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:* | ||
| cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75418
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003%3A026
- http://www.redhat.com/support/errata/RHSA-2003-057.html
- http://www.redhat.com/support/errata/RHSA-2003-058.html
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75418
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003%3A026
- http://www.redhat.com/support/errata/RHSA-2003-057.html
- http://www.redhat.com/support/errata/RHSA-2003-058.html