Unrated severityNVD Advisory· Published Jul 16, 1996· Updated Apr 16, 2026
CVE-1999-1572
CVE-1999-1572
Description
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.
Affected products
12- cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:cs2.1:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:cs3.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*+ 2 more
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
14- www.freebsd.org/cgi/query-pr.cginvdExploit
- marc.infonvd
- secunia.com/advisories/14357nvd
- secunia.com/advisories/17063nvd
- secunia.com/advisories/17532nvd
- support.avaya.com/elmodocs2/security/ASA-2005-212.pdfnvd
- www.debian.org/security/2005/dsa-664nvd
- www.mandriva.com/security/advisoriesnvd
- www.redhat.com/support/errata/RHSA-2005-073.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-080.htmlnvd
- www.redhat.com/support/errata/RHSA-2005-806.htmlnvd
- www.trustix.org/errata/2005/0003/nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/19167nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10888nvd
News mentions
0No linked articles in our index yet.