shadow: denial of service
| Package(s): | shadow | CVE #(s): | |||||
| Created: | April 11, 2011 | Updated: | April 13, 2011 | ||||
| Description: | From the Slackware advisory:
Corrected a packaging error where incorrect permissions on /usr/sbin/lastlog and /usr/sbin/faillog allow any user to set login failure limits on any other user (including root), potentially leading to a denial of service. Thanks to pyllyukko for discovering and reporting this vulnerability. | ||||||
| Alerts: |
| ||||||