util-linux login program uses a pointer that was previously freed and reallocated which could allow an attacker to gain access to sensitive information.
util-linux is shipped with Red Hat and numerous other Linux distributions. It contains a collection of utility programs, such as fstab, mkfs, chfn, and login. There is a vulnerability in the way the login program uses a pointer that was previously freed and reallocated resulting in an information leak. This could be used by an attacker to gain access to sensitive information.
An attacker may be able to gain access to sensitive information.
Apply a patch from your vendor.
Red Hat credits Matthew Lee for reporting this vulnerability.
This document was written by Damon Morda.
|Date First Published:||2004-03-23|
|Date Last Updated:||2004-03-23 14:51 UTC|