| ID |
CVE-2006-3378
|
| Summary |
passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*
-
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*
-
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*
-
cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*
-
cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*
-
cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*
-
cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:sparc:*:*:*:*:*
-
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:amd64:*:*:*:*:*
-
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:i386:*:*:*:*:*
-
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:powerpc:*:*:*:*:*
-
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*
cpe:2.3:o:ubuntu:ubuntu_linux:6.06_lts:*:sparc:*:*:*:*:*
|
| CVSS |
| Base: | 7.2 (as of 05-09-2008 - 21:06) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
| bid | 18850 | | debian | DSA-1150 | | osvdb | 26995 | | secunia | | | ubuntu | USN-308-1 |
|
| statements
via4
|
| contributor | Mark J Cox | | lastmodified | 2006-08-16 | | organization | Red Hat | | statement | This issue affects the version of the passwd command from the shadow-utils package. Red Hat Enterprise Linux 2.1, 3, and 4 are not vulnerable to this issue. |
|
| Last major update |
05-09-2008 - 21:06 |
| Published |
06-07-2006 - 20:05 |
| Last modified |
05-09-2008 - 21:06 |
