CVE-2001-1017

Name of the Vulnerable Software and Affected Versions FreeBSD versions 4.2 through 4.3

Description The issue allows local users to potentially gain privileges by reading a copied file while it is being updated. This could enable them to obtain password hashes and crack the passwords.

Recommendations For versions 4.2 through 4.3, update the rmuser utility to ensure it does not create world-readable copies of the master.passwd file. At the moment, there is no information about a newer version that contains a fix for this vulnerability.