CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
Date published : 2006-05-28
http://www.securityfocus.com/bid/18111
http://www.securityfocus.com/archive/1/468336/100/0/threaded