Description
login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Richard Thomas · textlocallinux
https://www.exploit-db.com/exploits/19122
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/155
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=90221104525951&w=2
Scores
EPSS
0.0038
EPSS Percentile
59.6%
Details
Status
published
Products (5)
slackware/slackware_linux
3.1
slackware/slackware_linux
3.2
slackware/slackware_linux
3.3
slackware/slackware_linux
3.4
slackware/slackware_linux
3.5
Published
Jul 13, 1998
Tracked Since
Feb 18, 2026