CVE-2002-1509 : A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of

A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.

Published 2003-03-03 05:00:00

Updated 2008-09-10 19:14:48

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2002-1509

Probability of exploitation activity in the next 30 days: 0.06%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 23 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2002-1509

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
3.6	LOW	AV:L/AC:L/Au:N/C:P/I:P/A:N	3.9	4.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

References for CVE-2002-1509

Products affected by CVE-2002-1509

Redhat » Linux » Version: 7.2
cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*
Matching versions
Redhat » Linux » Version: 7.2 Ia64 Edition
cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*
Matching versions
Redhat » Linux » Version: 7.3
cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*
Matching versions
Redhat » Linux » Version: 8.0
cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2002-1509

Exploit prediction scoring system (EPSS) score for CVE-2002-1509

CVSS scores for CVE-2002-1509

References for CVE-2002-1509

Products affected by CVE-2002-1509