CVE-2006-1174

useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.

🔗 References (52)

• cret@certftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc
• cret@certhttp://cvs.pld.org.pl/shadow/NEWS?rev=1.109
• cret@certhttp://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
• cret@certhttp://secunia.com/advisories/20370
• cret@certhttp://secunia.com/advisories/20506
• cret@certhttp://secunia.com/advisories/25098
• cret@certhttp://secunia.com/advisories/25267
• cret@certhttp://secunia.com/advisories/25629
• cret@certhttp://secunia.com/advisories/25894
• cret@certhttp://secunia.com/advisories/25896
• cret@certhttp://secunia.com/advisories/26909
• cret@certhttp://secunia.com/advisories/27706
• cret@certhttp://support.avaya.com/elmodocs2/security/ASA-2007-249.htm
• cret@certhttp://www.gentoo.org/security/en/glsa/glsa-200606-02.xml
• cret@certhttp://www.kb.cert.org/vuls/id/312692