FreeBSD rmuser Password Hash Disclosure Vulnerability

FreeBSD ships with a perl script called 'rmuser'. It can be used by administrators to completely remove users from a system.

The rmuser script temporarily creates a world readable copy of 'master.passwd'. If an attacker can anticipate the use of rmuser by an administrator, it may be possible to obtain the contents of 'master.passwd'.

Exploitation of this vulnerability is extremely time-dependent.


Privacy Statement
Copyright 2010, SecurityFocus