Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo: GLSA-200411-09 Low Severity: Shadow Unauthorized Change Risk

gentoo
Calendar Grey November 4, 2004
Dist Gentoo Esm H88
Changes to configuration settings in Gentoo's shadow may not be authorized. Take action to mitigate this minor risk promptly.
A flaw in the chfn and chsh utilities might allow modification of account properties by unauthorized users.

Summary

Gentoo Linux Security Advisory GLSA 200411-09 https://security.gentoo.org/ Severity: Low Title: shadow: Unauthorized modification of account information Date: November 04, 2004 Bugs: #69212 ID: 200411-09

Synopsis ======= A flaw in the chfn and chsh utilities might allow modification of account properties by unauthorized users.
Background ========= shadow provides a set of utilities to deal with user accounts.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-apps/shadow < 4.0.5-r1 >= 4.0.5-r1
========== Martin Schulze reported a flaw in the passwd_check() function in "libmisc/pwdcheck.c" which is used by chfn and chsh.
Impact ===== A local attacker m...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory unauthorized access gentoo user management low severity shadow account modification

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory unauthorized access gentoo user management low severity shadow account modification

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here