CVE-2017-12424

🗓️ 04 Aug 2017 09:00:00Reported by Alpine Linux Development TeamType

alpinelinux

alpinelinux🔗 security.alpinelinux.org👁 34 Views

Insecure newusers tool in shadow before version 4.

Reporter	Title	Published	Views	Family All 42
Cloud Foundry	USN-5254-1: shadow vulnerabilities \| Cloud Foundry	10 Mar 202200:00	–	cloudfoundry
CloudLinux	shadow-utils: Fix of CVE-2017-12424	5 May 202621:16	–	cloudlinux
CNVD	Shadow Denial of Service Vulnerability	7 Aug 201700:00	–	cnvd
CVE	CVE-2017-12424	4 Aug 201709:00	–	cve
Cvelist	CVE-2017-12424	4 Aug 201709:00	–	cvelist
Debian	[SECURITY] [DLA 2596-1] shadow security update	17 Mar 202113:10	–	debian
Debian CVE	CVE-2017-12424	4 Aug 201709:00	–	debiancve
Tenable Nessus	Debian DLA-2596-1 : shadow security update	16 Mar 202100:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP3 : shadow-utils (EulerOS-SA-2018-1169)	28 Jun 201800:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : shadow-utils (EulerOS-SA-2019-2427)	4 Dec 201900:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Alpine Linux	–	any	shadow	4.5-r0	shadow-4.5-r0.apk
Alpine Linux	3.10	any	shadow	4.5-r0	shadow-4.5-r0.apk
Alpine Linux	3.11	any	shadow	4.5-r0	shadow-4.5-r0.apk
Alpine Linux	3.12	any	shadow	4.5-r0	shadow-4.5-r0.apk
Alpine Linux	3.13	any	shadow	4.5-r0	shadow-4.5-r0.apk
Alpine Linux	3.14	any	shadow	4.5-r0	shadow-4.5-r0.apk
Alpine Linux	3.15	any	shadow	4.5-r0	shadow-4.5-r0.apk
Alpine Linux	3.16	any	shadow	4.5-r0	shadow-4.5-r0.apk
Alpine Linux	3.17	any	shadow	4.5-r0	shadow-4.5-r0.apk
Alpine Linux	3.18	any	shadow	4.5-r0	shadow-4.5-r0.apk

13 May 2026 00:24Current

9.8High risk

Vulners AI Score9.8

CVSS 27.5

CVSS 3.19.8

EPSS0.00583

cve-2017-12424 shadow tool buffer overflow privilege boundary web-hosting environments subaccounts unix