CVE-2001-1175

Name of the Vulnerable Software and Affected Versions util-linux versions prior to 2.10 util-linux version 2.10s util-linux version 2.11f

Description The issue affects the util-linux package and can lead to a breach of confidentiality, integrity, and availability of protected information. It can be exploited locally, potentially making it easier for local users to perform brute force password guessing by accessing /etc/shadow, which may be world-readable in some cases.

Recommendations For util-linux versions prior to 2.10, update to version 2.10 or later. For util-linux version 2.10s, update to a version later than 2.10s. For util-linux version 2.11f, update to a version later than 2.11f. As a temporary workaround, consider restricting access to sensitive files such as /etc/shadow to minimize the risk of exploitation.