Synopsis: Low: shadow-utils security and bug fix update Issue date: 2007-05-01 CVE Names: CVE-2006-1174 A flaw was found in the useradd tool in shadow-utils. A new user's mailbox, when created, could have random permissions for a short period. This could allow a local attacker to read or modify the mailbox. (CVE-2006-1174) SRPMS: shadow-utils-4.0.3-61.RHEL4.src.rpm i386: shadow-utils-4.0.3-61.RHEL4.i386.rpm x86_64: shadow-utils-4.0.3-61.RHEL4.x86_64.rpm -Connie Sieh -Troy Dawson