Scientific Linux 4: Low Severity Advisory for Shadow-Utils Security Issue

May 14, 2007 •

LinuxSecurity Advisories

1 min read

Topics Covered

security advisory bug fix shadow-utils low severity local access mailbox permissions Scientific Linux

Low: shadow-utils security and bug fix update

Date: Mon, 14 May 2007 15:53:43 -0500
Reply-To: Connie Sieh 
Sender: Security Errata for Scientific Linux

From: Connie Sieh 
Subject: Security ERRATA for shadow-utils on SL4.x i386/x86_64
Comments: To: scientific 

Synopsis: Low: shadow-utils security and bug fix update
Issue date: 2007-05-01
CVE Names: CVE-2006-1174

A flaw was found in the useradd tool in shadow-utils. A new user's
mailbox, when created, could have random permissions for a short period.
This could allow a local attacker to read or modify the mailbox.
(CVE-2006-1174)

SRPMS:
 	shadow-utils-4.0.3-61.RHEL4.src.rpm

i386:
 	shadow-utils-4.0.3-61.RHEL4.i386.rpm

x86_64:
 	shadow-utils-4.0.3-61.RHEL4.x86_64.rpm

-Connie Sieh
-Troy Dawson

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here

Scientific Linux 4: Low Severity Advisory for Shadow-Utils Security Issue

Topics Covered

Search Advisories & Updates

Recent Searches

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Scientific Linux 4: Low Severity Advisory for Shadow-Utils Security Issue

Topics Covered

Search Advisories & Updates

Recent Searches

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!