CVE-2002-0638

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.

Published: Aug 12, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0638
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.2
AV:L/AC:H/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mandrakesoft / mandrake_single_network_firewall	7.2	7.2.x
mandrakesoft / mandrake_linux	7.2	7.2.x
redhat / linux	6.1	6.1.x
mandrakesoft / mandrake_linux	8.2	8.2.x
redhat / linux	7.0	7.0.x
redhat / linux	6.2	6.2.x
mandrakesoft / mandrake_linux	7.0	7.0.x
redhat / linux	6.0	6.0.x
redhat / linux	7.2	7.2.x
mandrakesoft / mandrake_linux	8.1	8.1.x
mandrakesoft / mandrake_linux_corporate_server	1.0.1	1.0.1.x
mandrakesoft / mandrake_linux	7.1	7.1.x
redhat / linux	7.3	7.3.x
hp / secure_os	1.0	1.0.x
mandrakesoft / mandrake_linux	8.0	8.0.x
redhat / linux	7.1	7.1.x

Vulnerability Database

289,599

CVE-2002-0638