Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3503

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2005-3503
Last Modified 05 Sep 2008 04:54:34
Published 05 Nov 2005 06:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-3503

Summary

chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly other operating systems, does not properly check arguments for the GECOS field, which allows local users to gain privileges.

Vulnerable Systems

Application

  • Pwdutils 3.0.4


References

SUSE - SUSE-SA:2005:064

BID - 15314

OSVDB - 20525

SECUNIA - 17469


Last Updated: 27 May 2016 10:40:56