Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1175

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-1175
Last Modified 05 Sep 2008 04:25:52
Published 01 Apr 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-1175

Summary

vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing.

Vulnerable Systems

Application

  • Andries Brouwer Util-linux 2.10s

  • Andries Brouwer Util-linux 2.11d


References

XF - vipw-world-readable-files(6851)

BID - 3036

REDHAT - RHSA-2001:095

REDHAT - RHSA-2001:132


Last Updated: 27 May 2016 10:36:34