Vulnerabilities (CVE)

Filtered by vendor Debian Subscribe
Filtered by product Shadow
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-20002 1 Debian 2 Debian Linux, Shadow 2024-02-28 4.6 MEDIUM 7.8 HIGH
The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges.
CVE-2013-4235 3 Debian, Fedoraproject, Redhat 4 Debian Linux, Shadow, Fedora and 1 more 2024-02-28 3.3 LOW 4.7 MEDIUM
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
CVE-2005-4890 3 Debian, Redhat, Sudo Project 4 Debian Linux, Shadow, Enterprise Linux and 1 more 2024-02-28 7.2 HIGH 7.8 HIGH
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.
CVE-2011-0721 1 Debian 1 Shadow 2024-02-28 6.4 MEDIUM N/A
Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.
CVE-2008-5394 1 Debian 1 Shadow 2024-02-28 7.2 HIGH N/A
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.
CVE-2006-1174 1 Debian 1 Shadow 2024-02-28 3.7 LOW N/A
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
CVE-2006-1844 1 Debian 2 Base-config, Shadow 2024-02-28 2.1 LOW N/A
The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.
CVE-2004-1001 1 Debian 1 Shadow 2024-02-28 4.6 MEDIUM N/A
Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.