Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2005-1976

Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.

Published

2005-12-31T05:00:00.000

Last Modified

2025-04-03T01:03:51.193

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 1.7 (LOW)

CVSSv2 Vector

AV:L/AC:L/Au:S/C:N/I:N/A:P

Access Vector: LOCAL
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

3.1

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	novell	netmail	3.5.2	Yes
Application	novell	netmail	3.5.2	Yes
Application	novell	netmail	3.5.2	Yes

References

http://secunia.com/advisories/15763 Patch, Vendor Advisory ([email protected])
http://securitytracker.com/id?1014251 ([email protected])
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098022.htm Patch ([email protected])
http://www.osvdb.org/17456 Patch ([email protected])
http://www.securityfocus.com/bid/14005 Patch ([email protected])
http://secunia.com/advisories/15763 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1014251 (af854a3a-2127-422b-91ae-364da2661108)
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098022.htm Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/17456 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/14005 Patch (af854a3a-2127-422b-91ae-364da2661108)