CHFN User Modification Privilege Escalation Vulnerability

Bugtraq ID: 15314
Class: Input Validation Error
CVE: CVE-2005-3503
Remote: No
Local: Yes
Published: Nov 04 2005 12:00AM
Updated: Nov 15 2007 12:37AM
Credit: This issue was announced in the referenced SUSE security advisory. Thomas Gerisch is credited with the discovery of this vulnerability.
Vulnerable: SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
shadow shadow 4.0.3
Salvatore Valente chfn
S.u.S.E. UnitedLinux 1.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0 i386
S.u.S.E. Linux 8.0
pwdutils pwdutils 3.0.4
pwdutils pwdutils 2.6.96
pwdutils pwdutils 2.6.90
pwdutils pwdutils 2.6.4
pwdutils pwdutils 2.6.3
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus