Lucene search

MitreCVE-2005-1976

HistoryJun 05, 2006 - 6:00 p.m.

CVE-2005-1976

2006-06-0518:00:00

mitre

web.nvd.nist.gov

cve-2005-1976

novell netmail

linux

arbitrary code execution

dos

CVSS2

1.7

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

AI Score

8.1

Confidence

High

EPSS

0.001

Percentile

44.3%

JSON

Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.

Affected configurations

Nvd

Node

novellnetmailMatch3.5.2a

novellnetmailMatch3.5.2b

novellnetmailMatch3.5.2c

VendorProductVersionCPE
novellnetmail3.5.2cpe:2.3:a:novell:netmail:3.5.2:a:*:*:*:*:*:*
novellnetmail3.5.2cpe:2.3:a:novell:netmail:3.5.2:b:*:*:*:*:*:*
novellnetmail3.5.2cpe:2.3:a:novell:netmail:3.5.2:c:*:*:*:*:*:*

Vendor	Product	Version	CPE
novell	netmail	3.5.2	cpe:2.3:a:novell:netmail:3.5.2:a::::::
novell	netmail	3.5.2	cpe:2.3:a:novell:netmail:3.5.2:b::::::
novell	netmail	3.5.2	cpe:2.3:a:novell:netmail:3.5.2:c::::::

References

secunia.com/advisories/15763

securitytracker.com/id?1014251

support.novell.com/cgi-bin/search/searchtid.cgi?/10098022.htm

www.osvdb.org/17456

www.securityfocus.com/bid/14005

CVSS2

1.7

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:S/C:N/I:N/A:P

AI Score

8.1

Confidence

High

EPSS

0.001

Percentile

44.3%

JSON

Related for CVE-2005-1976