util-linux login program uses a pointer that was previously freed and reallocated which could allow an attacker to gain access to sensitive information.
util-linux is shipped with Red Hat and numerous other Linux distributions. It contains a collection of utility programs, such as fstab, mkfs, chfn, and login. There is a vulnerability in the way the login program uses a pointer that was previously freed and reallocated resulting in an information leak. This could be used by an attacker to gain access to sensitive information.
An attacker may be able to gain access to sensitive information.
Apply a patch from your vendor.
Red Hat Inc. Affected
Updated: March 23, 2004
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
Please refer to the Red Hat Security Bulletin.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Red Hat credits Matthew Lee for reporting this vulnerability.
This document was written by Damon Morda.
|Date First Published:||2004-03-23|
|Date Last Updated:||2004-03-23 14:51 UTC|