4 matches found
CVE-2006-3378
passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...
CVE-2006-3378
passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...
CVE-2006-3378
CVE-2006-3378 affects the shadow passwd handling in Ubuntu 5.04–6.06 LTS, where passwd invoked with -f, -g, or -s does not check the return code of a setuid() call. This can allow local users to gain root privileges if setuid fails (e.g., due to PAM limits or resource caps). Exploitation details ...
CVE-2006-3378
passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...