CVE-2002-1509Redhat Linux vulnerability

5 documents5 sources
Severity
3.6LOWNVD
EPSS
0.1%
top 77.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Linux
Timeline
PublishedMar 3
Latest updateApr 30

Description

A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.

CVSS vector

AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages1 packages

NVDredhat/linux7.2, 7.3, 8.0+2

🔴Vulnerability Details

2
GHSA
GHSA-qq5x-4fxh-3qvh: A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 6602022-04-30
CVEList
CVE-2002-1509: A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 6602004-09-01

📋Vendor Advisories

1
Red Hat
security flaw2002-10-08

💬Community

1
Bugzilla
CVE-2002-1509 security flaw2018-08-16
CVE-2002-1509 — Redhat Linux vulnerability | cvebase