CVE-2002-1509

Published: Mar 3, 2003Modified: Apr 16, 2026

3.6

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:N

Exploitability: 3.9 / Impact: 4.9

Source: NVD

Description

A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.

Affected (4)

Products: Redhat: Linux

Redhat

1 product

Linux

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Redhat Linux	Version 7.2
Redhat Linux	Version 7.2
Redhat Linux	Version 7.3
Redhat Linux	Version 8.0

References (8)

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75418

Source: cve@mitre.org

Vendor Advisory

http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:026

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-057.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-058.html

Source: cve@mitre.org

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=75418

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:026

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-057.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-058.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.