MDKSA-2006:090 : shadow-utils

Low Nessus Plugin ID 21601


The remote Mandrake host is missing one or more security-related patches.


A potential security problem was found in the useradd tool when it creates a new user's mailbox due to a missing argument to the open() call, resulting in the first permissions of the file being some random garbage found on the stack, which could possibly be held open for reading or writing before the proper fchmod() call is executed.

Packages have been patched to correct this issue.


Update the affected package(s).

See Also

Plugin Details

Severity: Low

ID: 21601

File Name: mandrake_MDKSA-2006-090.nasl

Version: $Revision: 1.9 $

Type: local

Published: 2006/05/27

Modified: 2012/09/07

Dependencies: 12634

Risk Information

Risk Factor: Low


Base Score: 3.7

Vector: CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:mandriva:linux

Required KB Items: Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2006/05/24

Reference Information

CVE: CVE-2006-1174