CVE-2006-1174
EPSS 0.10%Published: 5/28/2006Modified: 4/28/2026
Description
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
Affected packages (1)
- Debian/shadowfrom 0, < 1:4.0.15-10