CVE-2001-1175

Description

vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing.

Affected products

• andries_brouwer / util-linux2.10s – 2.10s
• andries_brouwer / util-linux2.11d – 2.11d

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/6851
• MISChttp://www.securityfocus.com/bid/3036
• MISChttp://www.redhat.com/support/errata/RHSA-2001-132.html
• MISChttp://www.redhat.com/support/errata/RHSA-2001-095.html