CVE-2002-1713

MEDIUM

Mandrakesoft Mandrake Linux - Incorrect Default Permissions

Title source: rule

Description

The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files.

References (4)

[Broken Link, Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/277515

[Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/455323

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/5050

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/9389

Scores

CVSS v3 5.5

EPSS 0.0026

EPSS Percentile 49.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-276

Status draft

Affected Products (1)

mandrakesoft/mandrake_linux

Timeline

Published Dec 31, 2002

Tracked Since Feb 18, 2026