Vulnerability Details : CVE-2005-1976

Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.

Vulnerability category: Execute codeDenial of service

Published 2005-12-31 05:00:00

Updated 2008-09-05 20:50:34

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2005-1976

Probability of exploitation activity in the next 30 days: 0.13%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 46 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2005-1976

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
1.7	LOW	AV:L/AC:L/Au:S/C:N/I:N/A:P	3.1	2.9	[email protected]
Access Vector: Local Access Complexity: Low Authentication: Single Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2005-1976

Products affected by CVE-2005-1976

Novell » Netmail » Version: 3.5.2 Update A
cpe:2.3:a:novell:netmail:3.5.2:a:*:*:*:*:*:*
Matching versions
Novell » Netmail » Version: 3.5.2 Update B
cpe:2.3:a:novell:netmail:3.5.2:b:*:*:*:*:*:*
Matching versions
Novell » Netmail » Version: 3.5.2 Update C
cpe:2.3:a:novell:netmail:3.5.2:c:*:*:*:*:*:*
Matching versions