CVE-2005-1976
Novell NetMail 3.5.2a-3.5.2c - Arbitrary Code Execution via File Permission Misconfiguration
Title source: llmDescription
Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.
References (5)
Core 5
Core References
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/14005
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/15763
Patch vdb-entry
x_refsource_osvdb
http://www.osvdb.org/17456
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1014251
Patch x_refsource_confirm
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10098022.htm
Scores
EPSS
0.0007
EPSS Percentile
21.6%
Details
Status
published
Products (1)
novell/netmail
3.5.2 a (3 CPE variants)
Published
Dec 31, 2005
Tracked Since
Feb 18, 2026