fkie_cve-2002-0638
Vulnerability from fkie_nvd
Published
2002-08-12 04:00
Modified
2024-11-20 23:39
Severity ?
Summary
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.
References
cve@mitre.orgftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt
cve@mitre.orghttp://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html
cve@mitre.orghttp://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523
cve@mitre.orghttp://marc.info/?l=bugtraq&m=102795787713996&w=2
cve@mitre.orghttp://online.securityfocus.com/advisories/4320
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2002-132.htmlPatch, Vendor Advisory
cve@mitre.orghttp://www.iss.net/security_center/static/9709.php
cve@mitre.orghttp://www.kb.cert.org/vuls/id/405955Patch, Third Party Advisory, US Government Resource
cve@mitre.orghttp://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php
cve@mitre.orghttp://www.osvdb.org/5164
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2002-137.html
cve@mitre.orghttp://www.securityfocus.com/bid/5344
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=102795787713996&w=2
af854a3a-2127-422b-91ae-364da2661108http://online.securityfocus.com/advisories/4320
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2002-132.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.iss.net/security_center/static/9709.php
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/405955Patch, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/5164
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2002-137.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/5344
Impacted products
Vendor Product Version
mandrakesoft mandrake_single_network_firewall 7.2
hp secure_os 1.0
mandrakesoft mandrake_linux 7.0
mandrakesoft mandrake_linux 7.1
mandrakesoft mandrake_linux 7.2
mandrakesoft mandrake_linux 8.0
mandrakesoft mandrake_linux 8.0
mandrakesoft mandrake_linux 8.1
mandrakesoft mandrake_linux 8.1
mandrakesoft mandrake_linux 8.2
mandrakesoft mandrake_linux_corporate_server 1.0.1
redhat linux 6.0
redhat linux 6.0
redhat linux 6.0
redhat linux 6.1
redhat linux 6.1
redhat linux 6.1
redhat linux 6.2
redhat linux 6.2
redhat linux 6.2
redhat linux 7.0
redhat linux 7.0
redhat linux 7.1
redhat linux 7.1
redhat linux 7.1
redhat linux 7.2
redhat linux 7.2
redhat linux 7.2
redhat linux 7.3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A188467-3856-4599-A2CD-BD2655974B63",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4853E92-5E0A-47B9-A343-D5BEE87D2C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EC1FF5D-5EAB-44D5-B281-770547C70D68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*",
              "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "97E09AD9-F057-4264-88BB-A8A18C1B1246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DFA94D5-0139-490C-8257-0751FE9FBAE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "6931FB54-A163-4CE3-BBD9-D345AA0977A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.0:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "5ABD1331-277C-4C31-8186-978243C62255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EC4D3AB-38FA-4D44-AF5C-2DCD15994E76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "C89454B9-4F45-4A42-A06D-ED42D893C544",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.1:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "1E64093E-7D53-4238-95C3-48ED5A0FFD97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
              "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.2:*:alpha:*:*:*:*:*",
              "matchCriteriaId": "6EAAC51F-9DC5-4026-8147-1B74975D6183",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*",
              "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh."
    },
    {
      "lang": "es",
      "value": "setpwnam.c en el paquete util-linux, como se incluye en Red Hat Linux 7.3 y antieriores, y en otros sistemas operativos, no bloquea adecuadamente un fichero temporal cuando se modifica /etc/passwd, lo que puede permitir a usuarios locales ganar privilegios mediante una compleja condici\u00f3n de carrera que usa un descriptor de fichero abierto en utilidades como chfn y chsh."
    }
  ],
  "id": "CVE-2002-0638",
  "lastModified": "2024-11-20T23:39:31.580",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2002-08-12T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://online.securityfocus.com/advisories/4320"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.iss.net/security_center/static/9709.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/405955"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/5164"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/5344"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000523"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=102795787713996\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://online.securityfocus.com/advisories/4320"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2002-132.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.iss.net/security_center/static/9709.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/405955"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/5164"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2002-137.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/5344"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.