Vulnerabilities > Debian > Shadow > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-05-28 | CVE-2006-1174 | Permissions, Privileges, and Access Controls vulnerability in Debian Shadow useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox. | 3.7 |
| 2006-04-19 | CVE-2006-1844 | Unspecified vulnerability in Debian Base-Config and Shadow The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges. | 2.1 |