QwikSec

Security Database

CVE

CWE

Training

CVE-2015-3246

Published: Aug 11, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

FEDORA-2015-12301

vendor-advisory

x_refsource_FEDORA

exploit

x_refsource_EXPLOIT-DB

https://access.redhat.com/articles/1537873

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

FEDORA-2015-12064

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2015:1332

vendor-advisory

x_refsource_SUSE

https://www.qualys.com/2015/07/23/cve-2015-3245-cve-2015-3246/cve-2015-3245-cve-2015-3246.txt

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.