CVE-1999-1572
Debian Debian Linux — NVD-CWE-Other
- Published: 1996-07-16T04:00:00.000
- Last modified: 2025-04-03T01:03:51.193
- Vendors: Debian, Redhat, Ubuntu
- Products: Debian Linux, Enterpri, Ubuntu Linux
- CWE: NVD-CWE-Other
CVE-1999-1572 — cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. [Weakness: NVD-CWE-Other]
Related CVE by CWE
No related CWE found.
Top CVE for Vendor
No items for this vendor.
Recently Exploited Similar Vulnerabilities
No recent KEV-listed items for this vendor/product.
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.
🧠 Explainer: What this vulnerability means
Summary: A flaw in Debian Linux from Debian (CWE: unspecified) can be exploited.
Impact: It may allow privilege escalation, data exposure, or service interruption.
Mitigation: Apply the latest vendor patch or update to a fixed version; disable vulnerable modules where possible.
- http://marc.info/?l=bugtraq&m=110763404701519&w=2 []
- http://secunia.com/advisories/14357 []
- http://secunia.com/advisories/17063 []
- http://secunia.com/advisories/17532 []
- http://support.avaya.com/elmodocs2/security/ASA-2005-212.pdf []
- http://www.debian.org/security/2005/dsa-664 []
- http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391 [Exploit]
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:032 []
- http://www.redhat.com/support/errata/RHSA-2005-073.html []
- http://www.redhat.com/support/errata/RHSA-2005-080.html []
- http://www.redhat.com/support/errata/RHSA-2005-806.html []
- http://www.trustix.org/errata/2005/0003/ []
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19167 []
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10888 []
- http://marc.info/?l=bugtraq&m=110763404701519&w=2 []
- http://secunia.com/advisories/14357 []
- http://secunia.com/advisories/17063 []
- http://secunia.com/advisories/17532 []
- http://support.avaya.com/elmodocs2/security/ASA-2005-212.pdf []
- http://www.debian.org/security/2005/dsa-664 []
- http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391 [Exploit]
- http://www.mandriva.com/security/advisories?name=MDKSA-2005:032 []
- http://www.redhat.com/support/errata/RHSA-2005-073.html []
- http://www.redhat.com/support/errata/RHSA-2005-080.html []
- http://www.redhat.com/support/errata/RHSA-2005-806.html []
- http://www.trustix.org/errata/2005/0003/ []
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19167 []
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10888 []
No explicit mitigation/advisory links found in references.