Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Mandrake Local Security Checks
Title:Mandrake Security Advisory MDKSA-2005:032 (cpio)

The remote host is missing an update to cpio
announced via advisory MDKSA-2005:032.

A vulnerability in cpio was discovered where cpio would create world-
writeable files when used in -o/--create mode and giving an output
file (with -O). This would allow any user to modify the created cpio
archive. The updated packages have been patched so that cpio now
respects the current umask setting of the user.

Affected versions: 10.0, 10.1, 9.2, Corporate 3.0,
Corporate Server 2.1

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

Risk factor : Medium

CVSS Score:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-1999-1572
Bugtraq: 20050204 [USN-75-1] cpio vulnerability (Google Search)
Debian Security Information: DSA-664 (Google Search)
XForce ISS Database: cpio-o-archive-insecure-permissions(19167)
CopyrightCopyright (c) 2005 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.