CVE-2005-3503

pwdutils <3.0.4 - Privilege Escalation

Title source: llm

Description

chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly other operating systems, does not properly check arguments for the GECOS field, which allows local users to gain privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Hunger · bashlocallinux

https://www.exploit-db.com/exploits/1299

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://www.osvdb.org/20525

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/415725/30/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/15314

[Third Party Advisory] http://secunia.com/advisories/17469

Scores

EPSS 0.0064

EPSS Percentile 70.6%

Details

Status published

Products (1)

pwdutils/pwdutils < 3.0.4

Published Nov 05, 2005

Tracked Since Feb 18, 2026