Vulnerability Details CVE-2005-3503
chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly other operating systems, does not properly check arguments for the GECOS field, which allows local users to gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.5%
CVSS Severity
CVSS v2 Score 7.2
References
- http://secunia.com/advisories/17469
- http://www.osvdb.org/20525
- http://www.securityfocus.com/archive/1/415725/30/0/threaded
- http://www.securityfocus.com/bid/15314
- http://secunia.com/advisories/17469
- http://www.osvdb.org/20525
- http://www.securityfocus.com/archive/1/415725/30/0/threaded
- http://www.securityfocus.com/bid/15314