Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2005:064: pwdutils, shadow

Vulnerability Assessment Details

SUSE-SA:2005:064: pwdutils, shadow
Vulnerability Assessment Summary
Check for the version of the pwdutils, shadow package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2005:064 (pwdutils, shadow).


Thomas Gerisch found that the setuid 'chfn' program contained in the
pwdutils suite insufficiently checks it's arguments when changing
the GECOS field. This bug leads to a trivially exploitable local
privilege escalation that permits users to gain root access.

We like to thank Thomas Gerisch for pointing out the problem.


Solution : http://www.suse.de/security/advisories/2005_64_pwdutils.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security
Cables, Connectors


Dell PowerEdge M620 Blade Server picture

Dell PowerEdge M620 Blade Server

$39.99


Dell PowerEdge M620 0F9HJC Blade Server 2*E5-2670 2.60GHz 192GB RAM 2*300GB SAS picture

Dell PowerEdge M620 0F9HJC Blade Server 2*E5-2670 2.60GHz 192GB RAM 2*300GB SAS

$103.99


Dell PowerEdge M630 Blade Server 1x Xeon E5-2630 v4 CPU / Motherboard P/N 0R10KG picture

Dell PowerEdge M630 Blade Server 1x Xeon E5-2630 v4 CPU / Motherboard P/N 0R10KG

$69.99


HP ProLiant BL460c G9 (Gen9) 2x E5-2670V3 12 Core 3.1GHz No Ram or No Drives picture

HP ProLiant BL460c G9 (Gen9) 2x E5-2670V3 12 Core 3.1GHz No Ram or No Drives

$59.98


DELL M630 BLADE SERVER x2 XEON E5-2660V3 @ 2.6GH H730 PERC HDD CADDIES 16GB FC picture

DELL M630 BLADE SERVER x2 XEON E5-2660V3 @ 2.6GH H730 PERC HDD CADDIES 16GB FC

$50.00


Dell PowerEdge MX7000 CTO Blade 8 slot 7U Chassis 6x 3000W 2x MX9002m picture

Dell PowerEdge MX7000 CTO Blade 8 slot 7U Chassis 6x 3000W 2x MX9002m

$2399.00


Dell PowerEdge M520 Blade Server 1x Xeon E5-2440 V2 1.9 GHzCPU 96GB RAM VRTX picture

Dell PowerEdge M520 Blade Server 1x Xeon E5-2440 V2 1.9 GHzCPU 96GB RAM VRTX

$119.69


Dell PowerEdge VRTX 2x PowerEdge M630 Blade Server 512GB Ram Total w/ Rails picture

Dell PowerEdge VRTX 2x PowerEdge M630 Blade Server 512GB Ram Total w/ Rails

$1750.00


Cisco UCS 5108 Blade Server Chassis Enclosure N20-C6508 4x PSU 8x Fans 2x Fabric picture

Cisco UCS 5108 Blade Server Chassis Enclosure N20-C6508 4x PSU 8x Fans 2x Fabric

$139.99


DELL PowerEdge M630 Blade 2x E5-2680v4 2.4GHz =28 Cores 32GB H330 2x10Gb X520 picture

DELL PowerEdge M630 Blade 2x E5-2680v4 2.4GHz =28 Cores 32GB H330 2x10Gb X520

$174.00


Discussions

No Discussions have been posted on this vulnerability.