Nessus Plugin #15683
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[DSA585] DSA-585-1 shadow
- Family:
- Debian Local Security Checks
- Category:
- infos
- Copyright:
- This script is (C) 2004 Michel Arboi
- Summary:
- DSA-585-1 shadow
- Version:
- $Revision: 1.1 $
- Cve_id:
- CAN-2004-1001
- Bugtraq_id:
- -
- Xrefs:
- DSA:585
- Description:
A vulnerability has been discovered in the shadow suite which provides
programs like chfn and chsh. It is possible for a user, who is logged
in but has an expired password to alter his account information with
chfn or chsh without having to change the password. The problem was
originally thought to be more severe.
For the stable distribution (woody) this problem has been fixed in
version 20000902-12woody1.
For the unstable distribution (sid) this problem has been fixed in
version 4.0.3-30.3.
We recommend that you upgrade your passwd package (from the shadow
suite).
Solution : http://www.debian.org/security/2004/dsa-585
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.