writeups.xyz / CVE-2023-29383: Abusing Linux chfn to Misrepresent /etc/passwd

Submitter : c2a

Date: 12 April 2023

Bounty : undisclosed

Vulnerabilities :

• Local Privilege Escalation

Programs :

• Shadow-Utils

Authors :

• Tom Neaves

Link :
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2023-29383-abusing-linux-chfn-to-misrepresent-etc-passwd/