PT-2005-1628 · Unknown · Cmd5Checkpw

Florian Westphal

Publicado

2005-02-25

Atualizado

2008-09-05

CVE-2005-0580

CVSS v2.0

2.1

Baixa

Vetor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions cmd5checkpw (affected versions not specified)

Description The issue is related to cmd5checkpw, which does not properly drop privileges when running setuid. This allows local users to read the poppasswd file by exploiting the improper privilege handling before the execvp function is called.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-0580

Produtos afetados

Cmd5Checkpw

PT-2005-1628 · Unknown · Cmd5Checkpw

CVE-2005-0580

Identificadores relacionados

Produtos afetados

Referências · 2