EUVD-2001-0120

Malware in sbrugna...

Mandrake Linux Security Advisory : shadow-utils (MDKSA-2001:007)

WireX discovered a potential temporary file race condition in the useradd program contained in the shadow-utils package. The useradd program creates it's temporary files in the protected directory /etc/default, but if this directory is changed to world-writable, a problem could occur. This update...

Moderate: Red Hat Security Advisory: shadow-utils security update

Updated shadow-utils packages are now available. These updated packages correct a bug that caused the useradd tool to create mail spools with incorrect permissions. The shadow-utils package includes programs for converting UNIX password files to the shadow password format, plus programs for...

CVE-2001-0120

useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack...

sun.useradd.expir.date.txt

Date: Thu, 10 Jun 1999 11:16:32 -0500 From: Chad Price To: [email protected] Subject: Sun Useradd program expiration date bug This has been tested and verified only on Solaris 7. Sun has provided a useradd binary as well as the gui admintool for adding new users. This program it's a binary in...