Package: usermin-chfn
Version: 1.110-3
Tags: security

As pointed out in http://www.osreviews.net/reviews/admin/usermin it is
possible to disable the login shell of the root account by calling
save.cgi with an empty value for the shell. The problem is that the
command is expanded to `chsh -s foo`, which changes the shell of the
root account to foo instead of changing foo's shell.
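
The argument collapse described above, shown as an added illustration in Python rather than Usermin's own Perl; the allowed-shell set stands in for /etc/shells and is constructed for the example:

```python
import re
import shlex
import subprocess

# Constructed stand-in for /etc/shells; a real check would read that file.
ALLOWED_SHELLS = {"/bin/sh", "/bin/bash", "/usr/sbin/nologin"}
USERNAME_RE = re.compile(r"^[a-z_][a-z0-9_-]{0,31}$")


def flawed_chsh_argv(user, shell):
    """The pattern the report describes: one command string, split by the shell.
    An empty shell value vanishes, the username slides into the -s slot and
    chsh is left without a user argument, so it acts on the calling account
    (root when the CGI runs as root)."""
    return shlex.split(f"chsh -s {shell} {user}")


def safe_chsh_argv(user, shell):
    """Hardened form: validate both values, build argv as a list so nothing is
    re-split, and always pass the target user explicitly as the last argument."""
    if not USERNAME_RE.match(user or ""):
        raise ValueError("invalid username")
    if not shell or shell not in ALLOWED_SHELLS:
        raise ValueError("shell must be a non-empty entry from /etc/shells")
    return ["chsh", "-s", shell, user]


def is_rejected(user, shell):
    """True when the hardened builder refuses the input."""
    try:
        safe_chsh_argv(user, shell)
    except ValueError:
        return True
    return False


def change_shell(user, shell):
    """Run chsh with the validated argv (list form, no shell involved)."""
    subprocess.run(safe_chsh_argv(user, shell), check=True)
```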

When combined with some well-known social engineering tactics (cf.
"Stealing Superuser" in Practical UNIX & Internet Security) it might
even be possible to obtain root access to the system.
