Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2006-1174 (GCVE-0-2006-1174)
Vulnerability from cvelistv5
Published
2006-05-28 23:00
Modified
2024-08-07 17:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:03:28.515Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25098"
},
{
"name": "25894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25894"
},
{
"name": "RHSA-2007:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "25267",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25267"
},
{
"name": "RHSA-2007:0276",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
},
{
"name": "18111",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18111"
},
{
"name": "1018221",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018221"
},
{
"name": "25629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25629"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
},
{
"name": "shadow-utils-useradd-file-permission(26958)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
},
{
"name": "VU#312692",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/312692"
},
{
"name": "GLSA-200606-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
},
{
"name": "25896",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25896"
},
{
"name": "20070511 rPSA-2007-0096-1 shadow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
},
{
"name": "MDKSA-2006:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
},
{
"name": "oval:org.mitre.oval:def:10807",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
},
{
"name": "26909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26909"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27706"
},
{
"name": "ADV-2006-2006",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2006"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1357"
},
{
"name": "20506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20506"
},
{
"name": "20370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20370"
},
{
"name": "20070602-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25098"
},
{
"name": "25894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25894"
},
{
"name": "RHSA-2007:0431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "25267",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25267"
},
{
"name": "RHSA-2007:0276",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
},
{
"name": "18111",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18111"
},
{
"name": "1018221",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018221"
},
{
"name": "25629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25629"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
},
{
"name": "shadow-utils-useradd-file-permission(26958)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
},
{
"name": "VU#312692",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/312692"
},
{
"name": "GLSA-200606-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
},
{
"name": "25896",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25896"
},
{
"name": "20070511 rPSA-2007-0096-1 shadow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
},
{
"name": "MDKSA-2006:090",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
},
{
"name": "oval:org.mitre.oval:def:10807",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
},
{
"name": "26909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26909"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27706"
},
{
"name": "ADV-2006-2006",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2006"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1357"
},
{
"name": "20506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20506"
},
{
"name": "20370",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20370"
},
{
"name": "20070602-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2006-1174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25098"
},
{
"name": "25894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25894"
},
{
"name": "RHSA-2007:0431",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "25267",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25267"
},
{
"name": "RHSA-2007:0276",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
},
{
"name": "18111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18111"
},
{
"name": "1018221",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018221"
},
{
"name": "25629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25629"
},
{
"name": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109",
"refsource": "CONFIRM",
"url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
},
{
"name": "shadow-utils-useradd-file-permission(26958)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
},
{
"name": "VU#312692",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/312692"
},
{
"name": "GLSA-200606-02",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
},
{
"name": "25896",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25896"
},
{
"name": "20070511 rPSA-2007-0096-1 shadow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
},
{
"name": "MDKSA-2006:090",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
},
{
"name": "oval:org.mitre.oval:def:10807",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
},
{
"name": "26909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26909"
},
{
"name": "27706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27706"
},
{
"name": "ADV-2006-2006",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2006"
},
{
"name": "https://issues.rpath.com/browse/RPL-1357",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1357"
},
{
"name": "20506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20506"
},
{
"name": "20370",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20370"
},
{
"name": "20070602-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2006-1174",
"datePublished": "2006-05-28T23:00:00",
"dateReserved": "2006-03-12T00:00:00",
"dateUpdated": "2024-08-07T17:03:28.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2006-1174\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2006-05-28T23:02:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:H/Au:N/C:P/I:P/A:P\",\"baseScore\":3.7,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":1.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:shadow:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.0.7\",\"matchCriteriaId\":\"AED127ED-19EC-4726-BEE0-54F0D79EB687\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:shadow:4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2973B149-FE07-4419-93A3-60AA9869A0DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:shadow:4.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA08859D-4D5B-4B0A-9806-2B32A10B8B57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:shadow:4.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"967E773A-162A-412B-832A-FB8CEFCCD9BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:shadow:4.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5B4F1B0-3ECC-4087-88CE-FD5D479891AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:shadow:4.0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1E94046-69F7-485B-ADF8-F10619B23E6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:shadow:4.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5B4260C-E44F-4D48-9349-BA089F1F1AF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:debian:shadow:4.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A003CA1C-0427-4257-A579-1BFA91A51CCC\"}]}]}],\"references\":[{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc\",\"source\":\"cret@cert.org\"},{\"url\":\"http://cvs.pld.org.pl/shadow/NEWS?rev=1.109\",\"source\":\"cret@cert.org\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://secunia.com/advisories/20370\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/20506\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25098\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25267\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25629\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25894\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25896\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/26909\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27706\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/312692\",\"source\":\"cret@cert.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:090\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0276.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0431.html\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/468336/100/0/threaded\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securityfocus.com/bid/18111\",\"source\":\"cret@cert.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1018221\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2006\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3229\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/26958\",\"source\":\"cret@cert.org\"},{\"url\":\"https://issues.rpath.com/browse/RPL-1357\",\"source\":\"cret@cert.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807\",\"source\":\"cret@cert.org\"},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://cvs.pld.org.pl/shadow/NEWS?rev=1.109\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/20370\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/20506\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25098\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25267\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25629\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25894\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/25896\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/26909\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/27706\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/312692\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:090\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0276.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2007-0431.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/468336/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18111\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1018221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2006\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3229\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/26958\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://issues.rpath.com/browse/RPL-1357\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Red Hat is aware of this issue and is tracking it via the following bugs:\\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193053\\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229194\\n\\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:\\nhttp://www.redhat.com/security/updates/classification/\\n\\nThe risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode.\",\"lastModified\":\"2007-09-06T00:00:00\"}]}}"
}
}
ghsa-2fgw-2v2m-w7mc
Vulnerability from github
Published
2022-05-03 03:15
Modified
2022-05-03 03:15
VLAI Severity ?
Details
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
{
"affected": [],
"aliases": [
"CVE-2006-1174"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2006-05-28T23:02:00Z",
"severity": "LOW"
},
"details": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.",
"id": "GHSA-2fgw-2v2m-w7mc",
"modified": "2022-05-03T03:15:37Z",
"published": "2022-05-03T03:15:37Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
},
{
"type": "WEB",
"url": "https://issues.rpath.com/browse/RPL-1357"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
},
{
"type": "WEB",
"url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
},
{
"type": "WEB",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/20370"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/20506"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/25098"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/25267"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/25629"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/25894"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/25896"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/26909"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/27706"
},
{
"type": "WEB",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
},
{
"type": "WEB",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/312692"
},
{
"type": "WEB",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
},
{
"type": "WEB",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/18111"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1018221"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2006/2006"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2007/3229"
}
],
"schema_version": "1.4.0",
"severity": []
}
CERTA-2007-AVI-409
Vulnerability from certfr_avis
Plusieurs vulnérabilités ont été identifiées dans différents produits VMware. L'exploitation de ces derniers peut provoquer l'exécution de code arbitraire depuis une machine virtuelle sur la machine hôte, ou perturber son fonctionnement.
Description
Plusieurs vulnérabilités ont été identifiées dans différents produits VMware. Parmi celles-ci :
- un utilisateur ayant des droits administrateur sur la machine virtuelle peut parvenir à corrompre la mémoire du processus hôte, et donc potentiellement exécuter du code arbitraire sur le système d'accueil ;
- un erreur de manipulation dans le serveur DHCP peut être exploitée au moins de paquets spécialement construits pour acquérir les droits administrateur sur le système hôte vulnérable ;
- plusieurs problèmes dans la manipulation de requêtes MS-RPC de SAMBA peuvent être exploités pour provoquer un débordement de pile côté serveur.
- une vulnérabilité du serveur DNS, associée à l'avis CERTA-2007-AVI-327 concernant BIND ;
- etc.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | N/A | VMware ACE 2.0.0 ; | ||
| VMware | N/A | VMware ESX 2.5.3 sans le patch 13 ; | ||
| VMware | N/A | VMware Server 1.0.3 ainsi que les versions antérieures ; | ||
| VMware | N/A | VMware Player 1.0.4 ainsi que les versions antérieures ; | ||
| VMware | N/A | VMware Player version 2.0.0 ; | ||
| VMware | N/A | VMware Workstation 6.0.0 ; | ||
| VMware | N/A | VMware ESX 2.1.3 sans le patch 8 ; | ||
| VMware | N/A | VMware Workstation 5.5.4 ainsi que les versions antérieures ; | ||
| VMware | N/A | VMware ESX 2.5.4 sans le patch 10 ; | ||
| VMware | N/A | VMware ESX 2.0.2 sans le patch 8 ; | ||
| VMware | N/A | VMware ESX, pour les versions 3.0.0, 3.0.1 et 3.0.2 sans les patchs associés ; | ||
| VMware | N/A | VMware ACE 1.0.3 ainsi que les versions antérieures ; |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMware ACE 2.0.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 2.5.3 sans le patch 13 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Server 1.0.3 ainsi que les versions ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Player 1.0.4 ainsi que les versions ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Player version 2.0.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Workstation 6.0.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 2.1.3 sans le patch 8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Workstation 5.5.4 ainsi que les versions ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 2.5.4 sans le patch 10 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 2.0.2 sans le patch 8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX, pour les versions 3.0.0, 3.0.1 et 3.0.2 sans les patchs associ\u00e9s ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ACE 1.0.3 ainsi que les versions ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans diff\u00e9rents produits\nVMware. Parmi celles-ci :\n\n- un utilisateur ayant des droits administrateur sur la machine\n virtuelle peut parvenir \u00e0 corrompre la m\u00e9moire du processus h\u00f4te, et\n donc potentiellement ex\u00e9cuter du code arbitraire sur le syst\u00e8me\n d\u0027accueil ;\n- un erreur de manipulation dans le serveur DHCP peut \u00eatre exploit\u00e9e\n au moins de paquets sp\u00e9cialement construits pour acqu\u00e9rir les droits\n administrateur sur le syst\u00e8me h\u00f4te vuln\u00e9rable ;\n- plusieurs probl\u00e8mes dans la manipulation de requ\u00eates MS-RPC de SAMBA\n peuvent \u00eatre exploit\u00e9s pour provoquer un d\u00e9bordement de pile c\u00f4t\u00e9\n serveur.\n- une vuln\u00e9rabilit\u00e9 du serveur DNS, associ\u00e9e \u00e0 l\u0027avis\n CERTA-2007-AVI-327 concernant BIND ;\n- etc.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2004-0813",
"url": "https://www.cve.org/CVERecord?id=CVE-2004-0813"
},
{
"name": "CVE-2007-1716",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1716"
},
{
"name": "CVE-2006-4146",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4146"
},
{
"name": "CVE-2007-0063",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0063"
},
{
"name": "CVE-2007-4497",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4497"
},
{
"name": "CVE-2007-0494",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0494"
},
{
"name": "CVE-2007-0061",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0061"
},
{
"name": "CVE-2007-2446",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2446"
},
{
"name": "CVE-2006-1174",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1174"
},
{
"name": "CVE-2006-4600",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-4600"
},
{
"name": "CVE-2006-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3619"
},
{
"name": "CVE-2007-2442",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2442"
},
{
"name": "CVE-2007-2798",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2798"
},
{
"name": "CVE-2007-1856",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-1856"
},
{
"name": "CVE-2007-2447",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2447"
},
{
"name": "CVE-2007-0062",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-0062"
},
{
"name": "CVE-2007-4496",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4496"
},
{
"name": "CVE-2007-2443",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-2443"
}
],
"initial_release_date": "2007-09-21T00:00:00",
"last_revision_date": "2007-11-20T00:00:00",
"links": [
{
"title": "Copie de l\u0027annonce de s\u00e9curit\u00e9 VMSA-2007-0006 de VMware publi\u00e9e le 18 septembre 2007 :",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"title": "Liste de diffusion des annonces de s\u00e9curit\u00e9 VMware :",
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"title": "Site officiel de Vmware :",
"url": "http://www.vmware.com/security"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200711-23 du 18 novembre 2007 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200711-23.xml"
}
],
"reference": "CERTA-2007-AVI-409",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-09-21T00:00:00.000000"
},
{
"description": "Ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Gentoo.",
"revision_date": "2007-11-20T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans diff\u00e9rents produits\nVMware. L\u0027exploitation de ces derniers peut provoquer l\u0027ex\u00e9cution de\ncode arbitraire depuis une machine virtuelle sur la machine h\u00f4te, ou\nperturber son fonctionnement.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 VMware VMSA-2007-0006 du 18 septembre 2007",
"url": null
}
]
}
RHSA-2007:0431
Vulnerability from csaf_redhat
Published
2007-06-07 20:16
Modified
2025-10-09 12:49
Summary
Red Hat Security Advisory: shadow-utils security and bug fix update
Notes
Topic
An updated shadow-utils package that fixes a security issue and several
bugs is now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
The shadow-utils package includes the necessary programs for converting
UNIX password files to the shadow password format, as well as programs
for managing user and group accounts.
A flaw was found in the useradd tool in shadow-utils. A new user's
mailbox, when created, could have random permissions for a short period.
This could allow a local attacker to read or modify the mailbox.
(CVE-2006-1174)
This update also fixes the following bugs:
* shadow-utils debuginfo package was empty.
* chage.1 and chage -l gave incorrect information about sp_inact.
All users of shadow-utils are advised to upgrade to this updated
package, which contains backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated shadow-utils package that fixes a security issue and several\nbugs is now available.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The shadow-utils package includes the necessary programs for converting\nUNIX password files to the shadow password format, as well as programs \nfor managing user and group accounts. \n\nA flaw was found in the useradd tool in shadow-utils. A new user\u0027s\nmailbox, when created, could have random permissions for a short period.\nThis could allow a local attacker to read or modify the mailbox.\n(CVE-2006-1174)\n\nThis update also fixes the following bugs:\n\n* shadow-utils debuginfo package was empty.\n\n* chage.1 and chage -l gave incorrect information about sp_inact.\n\nAll users of shadow-utils are advised to upgrade to this updated \npackage, which contains backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2007:0431",
"url": "https://access.redhat.com/errata/RHSA-2007:0431"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#low",
"url": "http://www.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "176949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=176949"
},
{
"category": "external",
"summary": "216635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=216635"
},
{
"category": "external",
"summary": "229194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=229194"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhsa-2007_0431.json"
}
],
"title": "Red Hat Security Advisory: shadow-utils security and bug fix update",
"tracking": {
"current_release_date": "2025-10-09T12:49:44+00:00",
"generator": {
"date": "2025-10-09T12:49:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2007:0431",
"initial_release_date": "2007-06-07T20:16:00+00:00",
"revision_history": [
{
"date": "2007-06-07T20:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2007-06-07T16:16:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T12:49:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "3AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "3Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "3ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "3WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=ia64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=ia64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.src",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=i386\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=i386\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=ppc\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=ppc\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=s390\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=s390\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-1174",
"discovery_date": "2006-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618029"
}
],
"notes": [
{
"category": "description",
"text": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of this issue and is tracking it via the following bugs:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193053\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229194\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:\nhttp://www.redhat.com/security/updates/classification/\n\nThe risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"3AS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.src",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.src",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-1174"
},
{
"category": "external",
"summary": "RHBZ#1618029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-1174",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174"
}
],
"release_date": "2005-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2007-06-07T20:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"3AS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.src",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.src",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0431"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
RHSA-2007:0276
Vulnerability from csaf_redhat
Published
2007-05-01 14:18
Modified
2025-10-09 12:49
Summary
Red Hat Security Advisory: shadow-utils security and bug fix update
Notes
Topic
Updated shadow-utils packages that fix a security issue and various bugs
are now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
The shadow-utils package includes the necessary programs for converting
UNIX password files to the shadow password format, as well as programs for
managing user and group accounts.
A flaw was found in the useradd tool in shadow-utils. A new user's
mailbox, when created, could have random permissions for a short period.
This could allow a local attacker to read or modify the mailbox.
(CVE-2006-1174)
This update also fixes the following bugs:
* shadow-utils debuginfo package was empty.
* faillog was unusable on 64-bit systems. It checked every UID from 0 to
the max UID, which was an excessively large number on 64-bit systems.
* typo bug in login.defs file
All users of shadow-utils are advised to upgrade to these updated packages,
which contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated shadow-utils packages that fix a security issue and various bugs\nare now available.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The shadow-utils package includes the necessary programs for converting\nUNIX password files to the shadow password format, as well as programs for\nmanaging user and group accounts.\n\nA flaw was found in the useradd tool in shadow-utils. A new user\u0027s\nmailbox, when created, could have random permissions for a short period.\nThis could allow a local attacker to read or modify the mailbox.\n(CVE-2006-1174)\n\nThis update also fixes the following bugs:\n\n* shadow-utils debuginfo package was empty.\n\n* faillog was unusable on 64-bit systems. It checked every UID from 0 to\nthe max UID, which was an excessively large number on 64-bit systems.\n\n* typo bug in login.defs file\n\nAll users of shadow-utils are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2007:0276",
"url": "https://access.redhat.com/errata/RHSA-2007:0276"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "176951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=176951"
},
{
"category": "external",
"summary": "177017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=177017"
},
{
"category": "external",
"summary": "188263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=188263"
},
{
"category": "external",
"summary": "193053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=193053"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhsa-2007_0276.json"
}
],
"title": "Red Hat Security Advisory: shadow-utils security and bug fix update",
"tracking": {
"current_release_date": "2025-10-09T12:49:42+00:00",
"generator": {
"date": "2025-10-09T12:49:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2007:0276",
"initial_release_date": "2007-05-01T14:18:00+00:00",
"revision_history": [
{
"date": "2007-05-01T14:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2007-05-01T13:30:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T12:49:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=ia64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=ia64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.src",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=i386\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=i386\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=ppc\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=ppc\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=s390\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=s390\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-1174",
"discovery_date": "2006-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618029"
}
],
"notes": [
{
"category": "description",
"text": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of this issue and is tracking it via the following bugs:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193053\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229194\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:\nhttp://www.redhat.com/security/updates/classification/\n\nThe risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.src",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.src",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-1174"
},
{
"category": "external",
"summary": "RHBZ#1618029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-1174",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174"
}
],
"release_date": "2005-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2007-05-01T14:18:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.src",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.src",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0276"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
rhsa-2007_0431
Vulnerability from csaf_redhat
Published
2007-06-07 20:16
Modified
2024-11-22 00:36
Summary
Red Hat Security Advisory: shadow-utils security and bug fix update
Notes
Topic
An updated shadow-utils package that fixes a security issue and several
bugs is now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
The shadow-utils package includes the necessary programs for converting
UNIX password files to the shadow password format, as well as programs
for managing user and group accounts.
A flaw was found in the useradd tool in shadow-utils. A new user's
mailbox, when created, could have random permissions for a short period.
This could allow a local attacker to read or modify the mailbox.
(CVE-2006-1174)
This update also fixes the following bugs:
* shadow-utils debuginfo package was empty.
* chage.1 and chage -l gave incorrect information about sp_inact.
All users of shadow-utils are advised to upgrade to this updated
package, which contains backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated shadow-utils package that fixes a security issue and several\nbugs is now available.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The shadow-utils package includes the necessary programs for converting\nUNIX password files to the shadow password format, as well as programs \nfor managing user and group accounts. \n\nA flaw was found in the useradd tool in shadow-utils. A new user\u0027s\nmailbox, when created, could have random permissions for a short period.\nThis could allow a local attacker to read or modify the mailbox.\n(CVE-2006-1174)\n\nThis update also fixes the following bugs:\n\n* shadow-utils debuginfo package was empty.\n\n* chage.1 and chage -l gave incorrect information about sp_inact.\n\nAll users of shadow-utils are advised to upgrade to this updated \npackage, which contains backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2007:0431",
"url": "https://access.redhat.com/errata/RHSA-2007:0431"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#low",
"url": "http://www.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "176949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=176949"
},
{
"category": "external",
"summary": "216635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=216635"
},
{
"category": "external",
"summary": "229194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=229194"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhsa-2007_0431.json"
}
],
"title": "Red Hat Security Advisory: shadow-utils security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T00:36:04+00:00",
"generator": {
"date": "2024-11-22T00:36:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2007:0431",
"initial_release_date": "2007-06-07T20:16:00+00:00",
"revision_history": [
{
"date": "2007-06-07T20:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2007-06-07T16:16:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T00:36:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "3AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "3Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "3ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "3WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=ia64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=ia64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.src",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=i386\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=i386\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=ppc\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=ppc\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=s390\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=s390\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-1174",
"discovery_date": "2006-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618029"
}
],
"notes": [
{
"category": "description",
"text": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of this issue and is tracking it via the following bugs:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193053\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229194\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:\nhttp://www.redhat.com/security/updates/classification/\n\nThe risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"3AS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.src",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.src",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-1174"
},
{
"category": "external",
"summary": "RHBZ#1618029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-1174",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174"
}
],
"release_date": "2005-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2007-06-07T20:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"3AS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.src",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.src",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0431"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
rhsa-2007:0276
Vulnerability from csaf_redhat
Published
2007-05-01 14:18
Modified
2025-10-09 12:49
Summary
Red Hat Security Advisory: shadow-utils security and bug fix update
Notes
Topic
Updated shadow-utils packages that fix a security issue and various bugs
are now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
The shadow-utils package includes the necessary programs for converting
UNIX password files to the shadow password format, as well as programs for
managing user and group accounts.
A flaw was found in the useradd tool in shadow-utils. A new user's
mailbox, when created, could have random permissions for a short period.
This could allow a local attacker to read or modify the mailbox.
(CVE-2006-1174)
This update also fixes the following bugs:
* shadow-utils debuginfo package was empty.
* faillog was unusable on 64-bit systems. It checked every UID from 0 to
the max UID, which was an excessively large number on 64-bit systems.
* typo bug in login.defs file
All users of shadow-utils are advised to upgrade to these updated packages,
which contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated shadow-utils packages that fix a security issue and various bugs\nare now available.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The shadow-utils package includes the necessary programs for converting\nUNIX password files to the shadow password format, as well as programs for\nmanaging user and group accounts.\n\nA flaw was found in the useradd tool in shadow-utils. A new user\u0027s\nmailbox, when created, could have random permissions for a short period.\nThis could allow a local attacker to read or modify the mailbox.\n(CVE-2006-1174)\n\nThis update also fixes the following bugs:\n\n* shadow-utils debuginfo package was empty.\n\n* faillog was unusable on 64-bit systems. It checked every UID from 0 to\nthe max UID, which was an excessively large number on 64-bit systems.\n\n* typo bug in login.defs file\n\nAll users of shadow-utils are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2007:0276",
"url": "https://access.redhat.com/errata/RHSA-2007:0276"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "176951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=176951"
},
{
"category": "external",
"summary": "177017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=177017"
},
{
"category": "external",
"summary": "188263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=188263"
},
{
"category": "external",
"summary": "193053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=193053"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhsa-2007_0276.json"
}
],
"title": "Red Hat Security Advisory: shadow-utils security and bug fix update",
"tracking": {
"current_release_date": "2025-10-09T12:49:42+00:00",
"generator": {
"date": "2025-10-09T12:49:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2007:0276",
"initial_release_date": "2007-05-01T14:18:00+00:00",
"revision_history": [
{
"date": "2007-05-01T14:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2007-05-01T13:30:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T12:49:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=ia64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=ia64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.src",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=i386\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=i386\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=ppc\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=ppc\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=s390\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=s390\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-1174",
"discovery_date": "2006-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618029"
}
],
"notes": [
{
"category": "description",
"text": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of this issue and is tracking it via the following bugs:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193053\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229194\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:\nhttp://www.redhat.com/security/updates/classification/\n\nThe risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.src",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.src",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-1174"
},
{
"category": "external",
"summary": "RHBZ#1618029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-1174",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174"
}
],
"release_date": "2005-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2007-05-01T14:18:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.src",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.src",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0276"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
rhsa-2007_0276
Vulnerability from csaf_redhat
Published
2007-05-01 14:18
Modified
2024-11-22 00:35
Summary
Red Hat Security Advisory: shadow-utils security and bug fix update
Notes
Topic
Updated shadow-utils packages that fix a security issue and various bugs
are now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
The shadow-utils package includes the necessary programs for converting
UNIX password files to the shadow password format, as well as programs for
managing user and group accounts.
A flaw was found in the useradd tool in shadow-utils. A new user's
mailbox, when created, could have random permissions for a short period.
This could allow a local attacker to read or modify the mailbox.
(CVE-2006-1174)
This update also fixes the following bugs:
* shadow-utils debuginfo package was empty.
* faillog was unusable on 64-bit systems. It checked every UID from 0 to
the max UID, which was an excessively large number on 64-bit systems.
* typo bug in login.defs file
All users of shadow-utils are advised to upgrade to these updated packages,
which contain backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated shadow-utils packages that fix a security issue and various bugs\nare now available.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The shadow-utils package includes the necessary programs for converting\nUNIX password files to the shadow password format, as well as programs for\nmanaging user and group accounts.\n\nA flaw was found in the useradd tool in shadow-utils. A new user\u0027s\nmailbox, when created, could have random permissions for a short period.\nThis could allow a local attacker to read or modify the mailbox.\n(CVE-2006-1174)\n\nThis update also fixes the following bugs:\n\n* shadow-utils debuginfo package was empty.\n\n* faillog was unusable on 64-bit systems. It checked every UID from 0 to\nthe max UID, which was an excessively large number on 64-bit systems.\n\n* typo bug in login.defs file\n\nAll users of shadow-utils are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2007:0276",
"url": "https://access.redhat.com/errata/RHSA-2007:0276"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "176951",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=176951"
},
{
"category": "external",
"summary": "177017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=177017"
},
{
"category": "external",
"summary": "188263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=188263"
},
{
"category": "external",
"summary": "193053",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=193053"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhsa-2007_0276.json"
}
],
"title": "Red Hat Security Advisory: shadow-utils security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T00:35:58+00:00",
"generator": {
"date": "2024-11-22T00:35:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2007:0276",
"initial_release_date": "2007-05-01T14:18:00+00:00",
"revision_history": [
{
"date": "2007-05-01T14:18:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2007-05-01T13:30:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T00:35:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=ia64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=ia64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.src",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=i386\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=i386\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=ppc\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=ppc\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=s390\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=s390\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"product": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"product_id": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-61.RHEL4?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"product_id": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-61.RHEL4?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.src"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"relates_to_product_reference": "4WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-1174",
"discovery_date": "2006-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618029"
}
],
"notes": [
{
"category": "description",
"text": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of this issue and is tracking it via the following bugs:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193053\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229194\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:\nhttp://www.redhat.com/security/updates/classification/\n\nThe risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"4AS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.src",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.src",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-1174"
},
{
"category": "external",
"summary": "RHBZ#1618029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-1174",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174"
}
],
"release_date": "2005-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2007-05-01T14:18:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"4AS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4AS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4AS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.src",
"4Desktop:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4Desktop:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.src",
"4ES:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4ES:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.src",
"4WS:shadow-utils-2:4.0.3-61.RHEL4.x86_64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.i386",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ia64",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.ppc",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.s390x",
"4WS:shadow-utils-debuginfo-2:4.0.3-61.RHEL4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0276"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
rhsa-2007:0431
Vulnerability from csaf_redhat
Published
2007-06-07 20:16
Modified
2025-10-09 12:49
Summary
Red Hat Security Advisory: shadow-utils security and bug fix update
Notes
Topic
An updated shadow-utils package that fixes a security issue and several
bugs is now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team.
Details
The shadow-utils package includes the necessary programs for converting
UNIX password files to the shadow password format, as well as programs
for managing user and group accounts.
A flaw was found in the useradd tool in shadow-utils. A new user's
mailbox, when created, could have random permissions for a short period.
This could allow a local attacker to read or modify the mailbox.
(CVE-2006-1174)
This update also fixes the following bugs:
* shadow-utils debuginfo package was empty.
* chage.1 and chage -l gave incorrect information about sp_inact.
All users of shadow-utils are advised to upgrade to this updated
package, which contains backported patches to resolve these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated shadow-utils package that fixes a security issue and several\nbugs is now available.\n\nThis update has been rated as having low security impact by the Red Hat\nSecurity Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The shadow-utils package includes the necessary programs for converting\nUNIX password files to the shadow password format, as well as programs \nfor managing user and group accounts. \n\nA flaw was found in the useradd tool in shadow-utils. A new user\u0027s\nmailbox, when created, could have random permissions for a short period.\nThis could allow a local attacker to read or modify the mailbox.\n(CVE-2006-1174)\n\nThis update also fixes the following bugs:\n\n* shadow-utils debuginfo package was empty.\n\n* chage.1 and chage -l gave incorrect information about sp_inact.\n\nAll users of shadow-utils are advised to upgrade to this updated \npackage, which contains backported patches to resolve these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2007:0431",
"url": "https://access.redhat.com/errata/RHSA-2007:0431"
},
{
"category": "external",
"summary": "http://www.redhat.com/security/updates/classification/#low",
"url": "http://www.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "176949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=176949"
},
{
"category": "external",
"summary": "216635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=216635"
},
{
"category": "external",
"summary": "229194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=229194"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2007/rhsa-2007_0431.json"
}
],
"title": "Red Hat Security Advisory: shadow-utils security and bug fix update",
"tracking": {
"current_release_date": "2025-10-09T12:49:44+00:00",
"generator": {
"date": "2025-10-09T12:49:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2007:0431",
"initial_release_date": "2007-06-07T20:16:00+00:00",
"revision_history": [
{
"date": "2007-06-07T20:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2007-06-07T16:16:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T12:49:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "3AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "3Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "3ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "3WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=ia64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=ia64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.src",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=i386\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=i386\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=ppc\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=ppc\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"product": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"product_id": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils@4.0.3-29.RHEL3?arch=s390\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"product": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"product_id": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/shadow-utils-debuginfo@4.0.3-29.RHEL3?arch=s390\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.src as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.src"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.src",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
},
"product_reference": "shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"relates_to_product_reference": "3WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2006-1174",
"discovery_date": "2006-05-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1618029"
}
],
"notes": [
{
"category": "description",
"text": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "security flaw",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat is aware of this issue and is tracking it via the following bugs:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193053\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229194\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:\nhttp://www.redhat.com/security/updates/classification/\n\nThe risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode.",
"title": "Statement"
}
],
"product_status": {
"fixed": [
"3AS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.src",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.src",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2006-1174"
},
{
"category": "external",
"summary": "RHBZ#1618029",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618029"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2006-1174",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-1174"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2006-1174"
}
],
"release_date": "2005-02-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2007-06-07T20:16:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied. Use Red Hat\nNetwork to download and update your packages. To launch the Red Hat\nUpdate Agent, use the following command:\n\n up2date\n\nFor information on how to install packages manually, refer to the\nfollowing Web page for the System Administration or Customization\nguide specific to your system:\n\n http://www.redhat.com/docs/manuals/enterprise/",
"product_ids": [
"3AS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3AS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3AS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.src",
"3Desktop:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3Desktop:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.src",
"3ES:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3ES:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.src",
"3WS:shadow-utils-2:4.0.3-29.RHEL3.x86_64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.i386",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ia64",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.ppc",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.s390x",
"3WS:shadow-utils-debuginfo-2:4.0.3-29.RHEL3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2007:0431"
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "security flaw"
}
]
}
gsd-2006-1174
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2006-1174",
"description": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.",
"id": "GSD-2006-1174",
"references": [
"https://www.suse.com/security/cve/CVE-2006-1174.html",
"https://access.redhat.com/errata/RHSA-2007:0431",
"https://access.redhat.com/errata/RHSA-2007:0276",
"https://linux.oracle.com/cve/CVE-2006-1174.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2006-1174"
],
"details": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.",
"id": "GSD-2006-1174",
"modified": "2023-12-13T01:19:55.126861Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2006-1174",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "25098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25098"
},
{
"name": "25894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25894"
},
{
"name": "RHSA-2007:0431",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "25267",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25267"
},
{
"name": "RHSA-2007:0276",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
},
{
"name": "18111",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18111"
},
{
"name": "1018221",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018221"
},
{
"name": "25629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25629"
},
{
"name": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109",
"refsource": "CONFIRM",
"url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
},
{
"name": "shadow-utils-useradd-file-permission(26958)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
},
{
"name": "VU#312692",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/312692"
},
{
"name": "GLSA-200606-02",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
},
{
"name": "25896",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25896"
},
{
"name": "20070511 rPSA-2007-0096-1 shadow",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
},
{
"name": "MDKSA-2006:090",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
},
{
"name": "oval:org.mitre.oval:def:10807",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
},
{
"name": "26909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26909"
},
{
"name": "27706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27706"
},
{
"name": "ADV-2006-2006",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2006"
},
{
"name": "https://issues.rpath.com/browse/RPL-1357",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1357"
},
{
"name": "20506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20506"
},
{
"name": "20370",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20370"
},
{
"name": "20070602-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:debian:shadow:4.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:debian:shadow:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.7",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:debian:shadow:4.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:debian:shadow:4.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:debian:shadow:4.0.4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:debian:shadow:4.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:debian:shadow:4.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:debian:shadow:4.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2006-1174"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "18111",
"refsource": "BID",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18111"
},
{
"name": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109",
"refsource": "CONFIRM",
"tags": [],
"url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
},
{
"name": "20370",
"refsource": "SECUNIA",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20370"
},
{
"name": "GLSA-200606-02",
"refsource": "GENTOO",
"tags": [],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
},
{
"name": "20506",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20506"
},
{
"name": "RHSA-2007:0276",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
},
{
"name": "25098",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25098"
},
{
"name": "https://issues.rpath.com/browse/RPL-1357",
"refsource": "CONFIRM",
"tags": [],
"url": "https://issues.rpath.com/browse/RPL-1357"
},
{
"name": "25267",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25267"
},
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"tags": [],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
},
{
"name": "MDKSA-2006:090",
"refsource": "MANDRIVA",
"tags": [],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
},
{
"name": "RHSA-2007:0431",
"refsource": "REDHAT",
"tags": [],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
},
{
"name": "20070602-01-P",
"refsource": "SGI",
"tags": [],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"name": "1018221",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id?1018221"
},
{
"name": "25629",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25629"
},
{
"name": "25894",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25894"
},
{
"name": "25896",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25896"
},
{
"name": "26909",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26909"
},
{
"name": "27706",
"refsource": "SECUNIA",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"name": "VU#312692",
"refsource": "CERT-VN",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/312692"
},
{
"name": "ADV-2006-2006",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2006"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "shadow-utils-useradd-file-permission(26958)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
},
{
"name": "oval:org.mitre.oval:def:10807",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
},
{
"name": "20070511 rPSA-2007-0096-1 shadow",
"refsource": "BUGTRAQ",
"tags": [],
"url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "LOW",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2020-08-11T17:09Z",
"publishedDate": "2006-05-28T23:02Z"
}
}
}
fkie_cve-2006-1174
Vulnerability from fkie_nvd
Published
2006-05-28 23:02
Modified
2025-04-03 01:03
Severity ?
Summary
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc | ||
| cret@cert.org | http://cvs.pld.org.pl/shadow/NEWS?rev=1.109 | ||
| cret@cert.org | http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html | ||
| cret@cert.org | http://secunia.com/advisories/20370 | Patch, Vendor Advisory | |
| cret@cert.org | http://secunia.com/advisories/20506 | Vendor Advisory | |
| cret@cert.org | http://secunia.com/advisories/25098 | Vendor Advisory | |
| cret@cert.org | http://secunia.com/advisories/25267 | Vendor Advisory | |
| cret@cert.org | http://secunia.com/advisories/25629 | Vendor Advisory | |
| cret@cert.org | http://secunia.com/advisories/25894 | Vendor Advisory | |
| cret@cert.org | http://secunia.com/advisories/25896 | Vendor Advisory | |
| cret@cert.org | http://secunia.com/advisories/26909 | Vendor Advisory | |
| cret@cert.org | http://secunia.com/advisories/27706 | Vendor Advisory | |
| cret@cert.org | http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm | ||
| cret@cert.org | http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml | ||
| cret@cert.org | http://www.kb.cert.org/vuls/id/312692 | US Government Resource | |
| cret@cert.org | http://www.mandriva.com/security/advisories?name=MDKSA-2006:090 | ||
| cret@cert.org | http://www.redhat.com/support/errata/RHSA-2007-0276.html | ||
| cret@cert.org | http://www.redhat.com/support/errata/RHSA-2007-0431.html | ||
| cret@cert.org | http://www.securityfocus.com/archive/1/468336/100/0/threaded | ||
| cret@cert.org | http://www.securityfocus.com/bid/18111 | Patch | |
| cret@cert.org | http://www.securitytracker.com/id?1018221 | ||
| cret@cert.org | http://www.vupen.com/english/advisories/2006/2006 | Vendor Advisory | |
| cret@cert.org | http://www.vupen.com/english/advisories/2007/3229 | Vendor Advisory | |
| cret@cert.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/26958 | ||
| cret@cert.org | https://issues.rpath.com/browse/RPL-1357 | ||
| cret@cert.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807 | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://cvs.pld.org.pl/shadow/NEWS?rev=1.109 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20370 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20506 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25098 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25267 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25629 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25894 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/25896 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26909 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/27706 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/312692 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.mandriva.com/security/advisories?name=MDKSA-2006:090 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0276.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2007-0431.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/468336/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/18111 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1018221 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/2006 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/3229 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/26958 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://issues.rpath.com/browse/RPL-1357 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:debian:shadow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AED127ED-19EC-4726-BEE0-54F0D79EB687",
"versionEndIncluding": "4.0.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:debian:shadow:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2973B149-FE07-4419-93A3-60AA9869A0DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:debian:shadow:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BA08859D-4D5B-4B0A-9806-2B32A10B8B57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:debian:shadow:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "967E773A-162A-412B-832A-FB8CEFCCD9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:debian:shadow:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B4F1B0-3ECC-4087-88CE-FD5D479891AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:debian:shadow:4.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E94046-69F7-485B-ADF8-F10619B23E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:debian:shadow:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B5B4260C-E44F-4D48-9349-BA089F1F1AF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:debian:shadow:4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A003CA1C-0427-4257-A579-1BFA91A51CCC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox."
}
],
"id": "CVE-2006-1174",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.7,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-05-28T23:02:00.000",
"references": [
{
"source": "cret@cert.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"source": "cret@cert.org",
"url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
},
{
"source": "cret@cert.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20370"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20506"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25098"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25267"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25629"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25894"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25896"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26909"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "cret@cert.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
},
{
"source": "cret@cert.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/312692"
},
{
"source": "cret@cert.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
},
{
"source": "cret@cert.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
},
{
"source": "cret@cert.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
},
{
"source": "cret@cert.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18111"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1018221"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2006"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
},
{
"source": "cret@cert.org",
"url": "https://issues.rpath.com/browse/RPL-1357"
},
{
"source": "cret@cert.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/312692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/18111"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1357"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
}
],
"sourceIdentifier": "cret@cert.org",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bugs:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193053\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=229194\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here:\nhttp://www.redhat.com/security/updates/classification/\n\nThe risks associated with fixing this bug are greater than the low severity security risk. We therefore currently have no plans to fix this flaw in Red Hat Enterprise Linux 2.1 which is in maintenance mode.",
"lastModified": "2007-09-06T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…