Insecure Umask Settings in J-Pilot Installation Allows Unauthorized Access to PalmOS Backup Information

Insecure Umask Settings in J-Pilot Installation Allows Unauthorized Access to PalmOS Backup Information

CVE-2001-0067 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The installation of J-Pilot creates the .jpilot directory with the user's umask, which could allow local attackers to read other users' PalmOS backup information if their umasks are not securely set.

Learn more about our User Device Pen Test.