CVE-2003-1366

chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2003-12-31 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2003-1366

Mitre link : CVE-2003-1366

CVE.ORG link : CVE-2003-1366


JSON object : View

Products Affected

openbsd

  • openbsd
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor