PT-2006-4270 · Canonical · Ubuntu

Published: 2006-07-06 · Updated: 2008-09-05 · CVE-2006-3378

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Ubuntu versions 5.04 through 6.06 LTS

Description

The issue is related to the passwd command in shadow, which does not check the return code of a setuid call when invoked with certain flags. This could potentially allow local users to gain root privileges under specific conditions, such as setuid failures due to PAM failures or resource limits.

Recommendations

For Ubuntu versions 5.04 through 6.06 LTS, consider updating to a newer version that includes a fix for this issue, as the current version may allow local users to escalate privileges under certain conditions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
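
The unchecked-return pattern named in the Description, next to a fail-closed version, as an added C example (not code from shadow or from this advisory). The `setuid_fn` seam, the `failing_setuid` stub and both function names are hypothetical, introduced so the failure path can be run without root.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical seam: lets the failure path be exercised without root. */
typedef int (*setuid_fn)(uid_t);

/* Constructed stub: fails the way setuid() can under a resource limit. */
static int failing_setuid(uid_t uid) { (void)uid; errno = EAGAIN; return -1; }

/* Flawed pattern: the result is discarded and execution continues.
 * Returns 1 when the caller carried on although the uid never changed. */
int drop_unchecked(setuid_fn do_setuid, uid_t target)
{
    uid_t before = geteuid();
    do_setuid(target);                    /* return value ignored */
    return geteuid() == before && before != target;
}

/* Hardened pattern: fail closed on error, then verify the resulting ids.
 * Returns 0 only when real and effective uid both equal the target. */
int drop_checked(setuid_fn do_setuid, uid_t target)
{
    if (do_setuid(target) != 0) {
        perror("setuid");
        return -1;                        /* caller must abort here */
    }
    if (getuid() != target || geteuid() != target)
        return -1;                        /* call "succeeded" but ids are wrong */
    return 0;
}

int main(void)
{
    uid_t other = geteuid() + 1;          /* constructed id, never actually set */
    printf("unchecked, setuid failed, continued anyway: %d\n",
           drop_unchecked(failing_setuid, other));
    printf("checked, setuid failed: %d\n", drop_checked(failing_setuid, other));
    printf("checked, setuid to own uid: %d\n", drop_checked(setuid, getuid()));
    return 0;
}
```

A caller of `drop_checked` should exit on a non-zero result rather than run the following code with its original privileges.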

Related Identifiers

CVE-2006-3378
DSA-1150-1

Affected Products

Ubuntu