VULHUB ™

SUSE Security Announcement - Thomas Gerisch found that the setuid 'chfn' program contained in the pwdutils suite insufficiently checks it's arguments when changing the GECOS field. This bug leads to a trivially exploitable local privilege escalation that allows users to gain root access.

SUSE Security Announcement - Thomas Gerisch found that the setuid 'chfn' program contained in the pwdutils suite insufficiently checks it's arguments when changing the GECOS field. This bug leads to a trivially exploitable local privilege escalation that allows users to gain root access.