CVE-2002-0638: CVE-2002-0638

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-0638

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Util-linux文件锁住本地竞争条件漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

util-linux是一套包含多种系统工具如'chfn'和'chsh'的软件包，包含在多种Linux系统中。 util-linux工具在代码共享处理中存在竞争条件问题，本地攻击者可以利用这个漏洞进行权限提升。 util-linux工具包含多个工具用于执行Linux系统功能，如'chfn'工具允许用户修改存储在/etc/passwd文件中的个人信息，要修改此文件，应用程序需要以setuid root权限安装。在部分条件下，利用util-linux工具中login-utils/setpwnam.c代码中复杂

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2002-0638

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2002-0638

Please Login to view more intelligence information

http://www.securityfocus.com/bid/5344vdb-entryx_refsource_BID
http://www.osvdb.org/5164vdb-entryx_refsource_OSVDB
http://www.kb.cert.org/vuls/id/405955third-party-advisoryx_refsource_CERT-VN
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523vendor-advisoryx_refsource_CONECTIVA
http://www.redhat.com/support/errata/RHSA-2002-137.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2002-132.htmlvendor-advisoryx_refsource_REDHAT
http://online.securityfocus.com/advisories/4320vendor-advisoryx_refsource_HP
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-047.phpvendor-advisoryx_refsource_MANDRAKE
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txtvendor-advisoryx_refsource_CALDERA
http://www.iss.net/security_center/static/9709.phpvdb-entryx_refsource_XF
http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.htmlmailing-listx_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=102795787713996&w=2mailing-listx_refsource_BUGTRAQ
http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.htmlmailing-listx_refsource_VULNWATCH
https://nvd.nist.gov/vuln/detail/CVE-2002-0638

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2002-0638

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2002-0638

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2002-0638

III. Intelligence Information for CVE-2002-0638

IV. Related Vulnerabilities

V. Comments for CVE-2002-0638

Leave a comment