Got this on bugtraq: Linux util-linux chfn local root vulnerability
Issue Date: July 29, 2002
Contact: Michal Zalewski
CVE: CAN-2002-0638
CERT vulnerability note: http://www.kb.cert.org/vuls/id/405955 (the URL should be accessible soon)

Topic: A locally exploitable vulnerability is present in the util-linux package shipped with Red Hat Linux and numerous other Linux distributions.

Affected Systems: Red Hat Linux 7.3 and previous; potentially many other distributions up to date that use util-linux to provide chfn and chsh utilities. Please refer to the CERT vulnerability note for more information. Systems that ship chfn within the shadow-utils package (for example SuSE) are not vulnerable.
