5.5

CVE-2002-1713

The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files.

Data is provided by the National Vulnerability Database (NVD)
MandrakesoftMandrake Linux Version8.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.41% 0.598
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:P/I:N/A:N
CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

http://online.securityfocus.com/archive/1/277515
Third Party Advisory
Broken Link
VDB Entry
http://www.kb.cert.org/vuls/id/455323
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/5050
Third Party Advisory
Broken Link
VDB Entry