- Description
- A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 3.6
- Impact score
- 4.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E"
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7"
},
{
"criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227"
},
{
"criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4"
}
],
"operator": "OR"
}
]
}
]