QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2001-1017

Back to search

CVE-2001-1017

Published: Mar 9, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords.

VendorProductVersions

n/a

n/a

affected
n/a

References

3282
vdb-entry
x_refsource_BID
1947
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now