Scientific Linux: Low Severity Mailbox Permissions Issue in Shadow-Utils

Jun 15, 2007 •

LinuxSecurity Advisories

1 min read

Topics Covered

security advisory shadow-utils low severity mailbox permissions Scientific Linux

Low: shadow-utils security and bug fix update

Date: Fri, 15 Jun 2007 17:29:05 -0500
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux

From: Troy Dawson 
Subject: Security ERRATA for shadow-utils on SL3,x i386/x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis:	Low: shadow-utils security and bug fix update
Issue date:	2007-06-11
CVE Names:	CVE-2006-1174

A flaw was found in the useradd tool in shadow-utils. A new user's
mailbox, when created, could have random permissions for a short period.
This could allow a local attacker to read or modify the mailbox.
(CVE-2006-1174)

SL 3.0.x

 SRPMS:
	shadow-utils-4.0.3-29.RHEL3.src.rpm
 i386:
	shadow-utils-4.0.3-29.RHEL3.i386.rpm
 x86_64:
	shadow-utils-4.0.3-29.RHEL3.x86_64.rpm

-Connie Sieh
-Troy Dawson

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here

Scientific Linux: Low Severity Mailbox Permissions Issue in Shadow-Utils

Topics Covered

Search Advisories & Updates

Recent Searches

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Scientific Linux: Low Severity Mailbox Permissions Issue in Shadow-Utils

Topics Covered

Search Advisories & Updates

Recent Searches

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!