Vulnerabilities > CVE-2005-3503 - Privilege Escalation vulnerability in CHFN User Modification

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

pwdutils

exploit available

NVD

Published: 2005-11-05

Updated: 2018-10-19

Summary

chfn in pwdutils 3.0.4 and earlier on SuSE Linux, and possibly other operating systems, does not properly check arguments for the GECOS field, which allows local users to gain privileges.

Vulnerable Configurations

Part	Description	Count
Application	Pwdutils Pwdutils Pwdutils *	1

Exploit-Db

description	SuSE Linux <= 9.3, 10 (chfn) Local Root Privilege Escalation Exploit. CVE-2005-3503. Local exploit for linux platform
id	EDB-ID:1299
last seen	2016-01-31
modified	2005-11-08
published	2005-11-08
reporter	Hunger
source	https://www.exploit-db.com/download/1299/
title	SuSE Linux <= 9.3 / 10 - chfn Local Root Privilege Escalation Exploit

Summary

Vulnerable Configurations

Exploit-Db

References