Security Advisory

CVE-2006-1174

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-05-28 23:00:00

Last updated 2024-08-07 17:03:28

Assigner certcc

State PUBLISHED

Description

useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.

← Browse all CVEs View on cve.org ↗