Vulnerability in Hp Secure_os

CVE-2002-0638

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a compl…

EPSS: 0.005 (40.4th percentile) — read the EPSS interpretation.

Affected products

Hp Secure_os — versions 1.0
Mandrakesoft Mandrake_linux — versions 7.0, 7.1, 7.2
Mandrakesoft Mandrake_linux_corporate_server — versions 1.0.1
Mandrakesoft Mandrake_single_network_firewall — versions 7.2
Redhat Linux — versions 6.0, 6.1, 6.2
N/a — versions n/a

References

cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
cve@mitre.org (US Government Resource, x_refsource_CERT-VN, Patch, Third Party Advisory, third-party-advisory)
cve@mitre.org (mailing-list, x_refsource_VULNWATCH)
cve@mitre.org (vendor-advisory, x_refsource_CONECTIVA)
cve@mitre.org (x_refsource_HP, vendor-advisory)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)