vipw in the util-linux package prior to 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
andries brouwer util-linux 2.10s |
||
andries brouwer util-linux 2.11d |