CVE-1999-1471

Name of the Vulnerable Software and Affected Versions BSD based operating systems versions 4.3 and earlier

Description A buffer overflow issue in the passwd component of BSD based operating systems allows local users to gain root privileges. This is achieved by specifying a long shell or GECOS field.

Recommendations For versions 4.3 and earlier, consider restricting access to the passwd component until a fix is available. As a temporary workaround, limit the length of shell and GECOS fields to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.