Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.
References
Configurations
History
No history.
Information
Published : 2011-02-19 01:00
Updated : 2024-02-28 11:41
NVD link : CVE-2011-0721
Mitre link : CVE-2011-0721
CVE.ORG link : CVE-2011-0721
JSON object : View
Products Affected
debian
- shadow
CWE
CWE-20
Improper Input Validation