Vulnerability Name: CVE-1999-1572 (CCN-19167)

Assigned: 1996-07-16
Published: 1996-07-16
Updated: 2017-10-19
Summary: cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files.
CVSS v3 Severity: 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:
  Attack Vector (AV): Local
  Attack Complexity (AC): Low
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): Low
  Integrity (I): None
  Availability (A): None
CVSS v2 Severity: 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:
  Access Vector (AV): Local
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): Partial
  Integrity (I): None
  Availability (A): None
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:
  Access Vector (AV): Local
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): Partial
  Integrity (I): None
  Availability (A): None
Vulnerability Type: CWE-Other
Vulnerability Consequences: File Manipulation
References:
Source: MITRE
Type: CNA
CVE-1999-1572

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2005:1002
Fixes for cpio vulnerabilities

Source: BUGTRAQ
Type: UNKNOWN
20050204 [USN-75-1] cpio vulnerability

Source: CCN
Type: RHSA-2005-073
cpio security update

Source: CCN
Type: RHSA-2005-080
cpio security update

Source: CCN
Type: RHSA-2005-806
cpio security update

Source: SECUNIA
Type: UNKNOWN
14357

Source: CCN
Type: SA17063
Avaya Products cpio Insecure File Creation Vulnerability

Source: SECUNIA
Type: UNKNOWN
17063

Source: SECUNIA
Type: UNKNOWN
17532

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2005-212.pdf

Source: DEBIAN
Type: UNKNOWN
DSA-664

Source: DEBIAN
Type: DSA-664
cpio -- broken file permissions

Source: CCN
Type: FreeBSD Web site
cpio -O ignores umask

Source: MISC
Type: Exploit
http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/1391

Source: CCN
Type: Cpio Web page
Cpio

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2005:032

Source: REDHAT
Type: UNKNOWN
RHSA-2005:073

Source: REDHAT
Type: UNKNOWN
RHSA-2005:080

Source: REDHAT
Type: UNKNOWN
RHSA-2005:806

Source: CCN
Type: BID-12404
CPIO Archiver Local Insecure File Creation Vulnerability

Source: TRUSTIX
Type: UNKNOWN
2005-0003

Source: CCN
Type: TLSA-2005-30
Umask bug

Source: CCN
Type: USN-75-1
cpio vulnerability

Source: XF
Type: UNKNOWN
cpio-o-archive-insecure-permissions(19167)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10888

Vulnerable Configuration:
Configuration 1:
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:cs2.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:cs3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:ubuntu:ubuntu_linux:4.10:*:*:*:*:*:*:*

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:gnu:cpio:*:*:*:*:*:*:*:*
  • AND
  • cpe:/o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:10:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:turbolinux:turbolinux:10:*:*:*:server:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions
Definition ID                     | Class | Title                                                                                                                                                                                                                                                                      | Last Modified
oval:org.mitre.oval:def:10888     | V     | cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. | 2013-04-29
oval:com.redhat.rhsa:def:20050080 | P     | RHSA-2005:080: cpio security update (Low)                                                                                                                                                                                                                                  | 2005-02-18
oval:com.redhat.rhsa:def:20050073 | P     | RHSA-2005:073: cpio security update (Low)                                                                                                                                                                                                                                  | 2005-02-15
oval:org.debian:def:664           | V     | broken file permissions                                                                                                                                                                                                                                                    | 2005-02-02