Vulnerabilities > Debian > Shadow > Low

DATE CVE VULNERABILITY TITLE RISK
2006-05-28 CVE-2006-1174 Permissions, Privileges, and Access Controls vulnerability in Debian Shadow
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
local
high complexity
debian CWE-264
3.7
2006-04-19 CVE-2006-1844 Unspecified vulnerability in Debian Base-Config and Shadow
The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.
local
low complexity
debian
2.1