CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0638

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.9%

CVSS Severity

CVSS v2 Score 6.2

References

Products affected by CVE-2002-0638

Mandrakesoft » Mandrake Single Network Firewall » Version: 7.2

cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2
Hp » Secure Os » Version: 1.0

cpe:2.3:o:hp:secure_os:1.0
Mandrakesoft » Mandrake Linux » Version: 7.0

cpe:2.3:o:mandrakesoft:mandrake_linux:7.0
Mandrakesoft » Mandrake Linux » Version: 7.1

cpe:2.3:o:mandrakesoft:mandrake_linux:7.1
Mandrakesoft » Mandrake Linux » Version: 7.2

cpe:2.3:o:mandrakesoft:mandrake_linux:7.2
Mandrakesoft » Mandrake Linux » Version: 8.0

cpe:2.3:o:mandrakesoft:mandrake_linux:8.0
Mandrakesoft » Mandrake Linux » Version: 8.1

cpe:2.3:o:mandrakesoft:mandrake_linux:8.1
Mandrakesoft » Mandrake Linux » Version: 8.2

cpe:2.3:o:mandrakesoft:mandrake_linux:8.2
Mandrakesoft » Mandrake Linux Corporate Server » Version: 1.0.1

cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1
Redhat » Linux » Version: 6.0

cpe:2.3:o:redhat:linux:6.0
Redhat » Linux » Version: 6.1

cpe:2.3:o:redhat:linux:6.1
Redhat » Linux » Version: 6.2

cpe:2.3:o:redhat:linux:6.2
Redhat » Linux » Version: 7.0

cpe:2.3:o:redhat:linux:7.0
Redhat » Linux » Version: 7.1

cpe:2.3:o:redhat:linux:7.1
Redhat » Linux » Version: 7.2

cpe:2.3:o:redhat:linux:7.2
Redhat » Linux » Version: 7.3

cpe:2.3:o:redhat:linux:7.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0638

Products

Pricing

Contact Us