OpenBSD CHPass Temporary File Link File Content Revealing Vulnerability

It has been reported that a problem with chpass included with OpenBSD may allow local users to gain access to the content of specific files. This vulnerability requires that lines in the target file be constructed in a specific format. This problem also affects the chfn and chsh programs which are hard links to the chpass binary.


Privacy Statement
Copyright 2010, SecurityFocus