Strix
26.1K

CVE-2002-1509

UnknownEPSS 0.37%

Last modified

CVE-2002-1509 is a vulnerability of currently unknown severity. A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.. EPSS estimates a 0.37% chance of exploitation in the next 30 days.

Description

A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.

Metrics

EPSS Probability
0.37%

29.1th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
RedhatLinux7.2
RedhatLinux7.3
RedhatLinux8.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2002-1509?
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
How severe is CVE-2002-1509?
Severity scoring for CVE-2002-1509 is pending analysis. The EPSS model estimates a 0.37% probability of exploitation in the next 30 days.
How do I fix CVE-2002-1509?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2002-1509?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST