CVE-2002-2219 Information

Description

chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user (userid) field.

Reference

http://securitytracker.com/id?1005847 http://sourceforge.net/project/shownotes.php?group_id=68912&release_id=466649 http://www.securiteam.com/unixfocus/6C00N0K6AO.html http://www.securityfocus.com/bid/6472 https://exchange.xforce.ibmcloud.com/vulnerabilities/10946