VYPR
Unrated severityNVD Advisory· Published May 28, 2006· Updated Jun 16, 2026

CVE-2006-1174

CVE-2006-1174

Description

useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • Debian/Shadow8 versions
    cpe:2.3:a:debian:shadow:*:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:debian:shadow:*:*:*:*:*:*:*:*range: <=4.0.7
    • cpe:2.3:a:debian:shadow:4.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:shadow:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:shadow:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:shadow:4.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:shadow:4.0.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:shadow:4.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:debian:shadow:4.0.6:*:*:*:*:*:*:*
  • Range: <4.0.3

Patches

Vulnerability mechanics

References

26

News mentions

0

No linked articles in our index yet.