{"vuid":"VU#801526","idnumber":"801526","name":"util-linux login program discloses sensitive information","keywords":["util-linux","login","information leak","freed","reallocated"],"overview":"util-linux login program uses a pointer that was previously freed and reallocated which could allow an attacker to gain access to sensitive information.","clean_desc":"util-linux is shipped with Red Hat and numerous other Linux distributions. It contains a collection of utility programs, such as fstab, mkfs, chfn, and login. There is a vulnerability in the way the login program uses a pointer that was previously freed and reallocated resulting in an information leak. This could be used by an attacker to gain access to sensitive information.","impact":"An attacker may be able to gain access to sensitive information.","resolution":"Apply Patch\nApply a patch from your vendor.","workarounds":"","sysaffected":"","thanks":"Red Hat credits Matthew Lee for reporting this vulnerability.","author":"This document was written by Damon Morda.","public":["http://rhn.redhat.com/errata/RHSA-2004-056.html","http://www.secunia.com/advisories/10773/","http://freshmeat.net/projects/util-linux/"],"cveids":["CVE-2004-0080"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-02-04T19:20:19Z","publicdate":"2004-02-03T00:00:00Z","datefirstpublished":"2004-03-23T14:50:57Z","dateupdated":"2004-03-23T14:51:03Z","revision":7,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"4","cam_population":"7","cam_impact":"8","cam_easeofexploitation":"7","cam_attackeraccessrequired":"10","cam_scorecurrent":"1.3965","cam_scorecurrentwidelyknown":"1.764","cam_scorecurrentwidelyknownexploited":"3.234","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.3965,"vulnote":null}