shadow vulnerability

2006-07-0600:00:00

ubuntu.com

6.6 Medium

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

24.7%

JSON

Releases

Ubuntu 6.06
Ubuntu 5.10
Ubuntu 5.04

Details

Ilja van Sprundel discovered that passwd, when called with the -f, -g,
or -s option, did not check the result of the setuid() call. On
systems that configure PAM limits for the maximum number of user
processes, a local attacker could exploit this to execute chfn,
gpasswd, or chsh with root privileges.

This does not affect the default configuration of Ubuntu.

OSVersionArchitecturePackageVersionFilename
Ubuntu6.06noarchpasswd< 1:4.0.13-7ubuntu3.1UNKNOWN
Ubuntu5.10noarchpasswd< 1:4.0.3-37ubuntu10UNKNOWN
Ubuntu5.04noarchpasswd< 1:4.0.3-30.7ubuntu16.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	6.06	noarch	passwd	< 1:4.0.13-7ubuntu3.1	UNKNOWN
Ubuntu	5.10	noarch	passwd	< 1:4.0.3-37ubuntu10	UNKNOWN
Ubuntu	5.04	noarch	passwd	< 1:4.0.3-30.7ubuntu16.1	UNKNOWN