Lucene search

K
cvelistMitreCVELIST:CVE-2023-29383
HistoryApr 14, 2023 - 12:00 a.m.

CVE-2023-29383

2023-04-1400:00:00
mitre
www.cve.org
shadow 4.13
suid program chfn
/etc/passwd
social-engineered
denial of service

4.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that β€œcat /etc/passwd” shows a rogue user account.

4.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%