Lucene search
K

68 matches found

OSV
OSV
added 2026/05/20 8:57 a.m.5 views

CLSA-2026-1779267466 shadow-utils: Fix of CVE-2023-4641

CVE-2023-4641: fix password leak in gpasswd...

5.5CVSS5.8AI score0.00257EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : shadow-utils-4.6-19.el8 (AXSA:2023-7078:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7078:04 advisory. shadow-utils: possible password leak during passwd1 change CVE-2023-4641 Tenable has extracted the preceding description block directly from the MiracleLinux...

5.5CVSS8.3AI score0.00257EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/09 12:0 a.m.3 views

Siemens Ruggedcom ROX Incorrect Implementation of Authentication Algorithm (CVE-2023-4641)

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from...

5.5CVSS6.4AI score0.00257EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.3 views

NewStart CGSL MAIN 7.02 : shadow Vulnerability (NS-SA-2025-0198)

The remote NewStart CGSL host, running version MAIN 7.02, has shadow packages installed that are affected by a vulnerability: - A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails i...

5.5CVSS6.6AI score0.00257EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.6 views

TencentOS Server 4: shadow-utils (TSSA-2025:0065)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0065 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

5.5CVSS6.5AI score0.00428EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 3: shadow-utils (TSSA-2023:0297)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0297 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

5.5CVSS6.5AI score0.00257EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0041: shadow-utils (ALINUX3-SA-2024:0041)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0041 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-4641: A flaw was found in shadow-utils. Wh...

5.5CVSS6.5AI score0.00257EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/06 12:0 a.m.20 views

CBL Mariner 2.0 Security Update: shadow-utils (CVE-2023-4641)

The version of shadow-utils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4641 advisory. - A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice...

5.5CVSS6.5AI score0.00257EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/05/05 3:9 p.m.17 views

CVE-2023-4641 affecting package shadow-utils for versions less than 4.9-14

CVE-2023-4641 affecting package shadow-utils for versions less than 4.9-14. A patched version of the package is available...

5.5CVSS7.2AI score0.00257EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/04/21 12:0 a.m.6 views

Debian: Security Advisory (DLA-4130-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.7AI score0.00428EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/04/21 12:0 a.m.6 views

Debian dla-4130 : login - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4130 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4130-1 [email protected]...

5.5CVSS6.8AI score0.00428EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-4641

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-util...

5.5CVSS6.4AI score0.00257EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/10 3:20 p.m.29 views

Security Bulletin: Vulnerability in shadow-utils library (CVE-2023-4641) affects Power HMC.

Summary The shadow-utils library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-4641 DESCRIPTION: shadow-maint shadow-utils could allow a local authenticated attacker to obtain sensitive information, caused by failing t...

5.5CVSS7.1AI score0.00257EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/07/16 12:17 p.m.26 views

Security Bulletin: Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced.

Summary Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the issues. Vulnerability Details CVEID:CVE-2023-4641 DESCRIPTION: shadow-maint shadow-utils could allow a local authenticated attacker to obtain sensitive...

5.5CVSS7.1AI score0.04459EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.27 views

EulerOS Virtualization 3.0.6.0 : shadow-utils (EulerOS-SA-2024-1705)

According to the versions of the shadow-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fail...

5.5CVSS6.5AI score0.00257EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/04/30 3:5 p.m.40 views

Low: Red Hat Security Advisory: shadow-utils security update

An update for shadow-utils is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

5.5CVSS6.6AI score0.00257EPSS
Exploits0References2
OSV
OSV
added 2024/03/27 9:51 a.m.9 views

SUSE-SU-2024:1007-1 Security update for shadow

This update for shadow fixes the following issues: - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn bsc1210507. - CVE-2023-4641: Fixed possible password leak during passwd1 change bsc1214806. The following non-security bugs were fixed: - bsc1176006: Fix chage date miscalculation...

5.5CVSS7.5AI score0.00428EPSS
Exploits1References12
OSV
OSV
added 2024/03/27 9:51 a.m.7 views

SUSE-SU-2024:1007-2 Security update for shadow

This update for shadow fixes the following issues: - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn bsc1210507. - CVE-2023-4641: Fixed possible password leak during passwd1 change bsc1214806. The following non-security bugs were fixed: - bsc1176006: Fix chage date miscalculation...

5.5CVSS7.5AI score0.00428EPSS
Exploits1References12
OpenVAS
OpenVAS
added 2024/03/12 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for shadow-utils (EulerOS-SA-2024-1298)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6AI score0.00257EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.14 views

openSUSE: Security Advisory for shadow (SUSE-SU-2023:4024-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS6.1AI score0.00257EPSS
Exploits0References2
Rows per page
Query Builder