Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service or gain privileges via a long GECOS field, involving longbuffer.