chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information.Referenceshttp://www.securitytracker.com/id?1006035http://www.securityfocus.com/archive/1/309962https://exchange.xforce.ibmcloud.com/vulnerabilities/11233http://securityreason.com/securityalert/3238http://www.securityfocus.com/bid/6748http://www.epita.fr/~bevand_m/asa/asa-0001
