Ubuntu Security Notice (C) 2011-2013 Canonical, Inc. / NASL script (C) 2011-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
Kees Cook discovered that some shadow utilities did not correctly
validate user input. A local attacker could exploit this flaw to
inject newlines into the /etc/passwd file. If the system was
configured to use NIS, this could lead to existing NIS groups or users
gaining or losing access to the system, resulting in a denial of
service or unauthorized access.
Update the affected login and / or passwd packages.
Risk factor :
Medium / CVSS Base Score : 6.4
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 51997 ()
CVE ID: CVE-2011-0721