PT-2006-2586 · Netbsd · Netbsd

Published

2006-04-03

Updated

2017-07-20

CVE-2006-1587

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: NetBSD versions 1.6 through 3.0

Description: The issue allows local users to read the record file due to it being created with 0644 permissions when a user has "set record" in .mailrc with the default umask set.

Recommendations: For NetBSD versions 1.6 through 3.0, consider changing the default umask to create the record file with more restrictive permissions to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-1587

Affected Products

Netbsd

PT-2006-2586 · Netbsd · Netbsd

CVE-2006-1587

Related Identifiers

Affected Products

References · 6