68 matches found
CLSA-2026-1779267466 shadow-utils: Fix of CVE-2023-4641
CVE-2023-4641: fix password leak in gpasswd...
MiracleLinux 8 : shadow-utils-4.6-19.el8 (AXSA:2023-7078:04)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7078:04 advisory. shadow-utils: possible password leak during passwd1 change CVE-2023-4641 Tenable has extracted the preceding description block directly from the MiracleLinux...
Siemens Ruggedcom ROX Incorrect Implementation of Authentication Algorithm (CVE-2023-4641)
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from...
NewStart CGSL MAIN 7.02 : shadow Vulnerability (NS-SA-2025-0198)
The remote NewStart CGSL host, running version MAIN 7.02, has shadow packages installed that are affected by a vulnerability: - A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails i...
TencentOS Server 4: shadow-utils (TSSA-2025:0065)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0065 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: shadow-utils (TSSA-2023:0297)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0297 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0041: shadow-utils (ALINUX3-SA-2024:0041)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0041 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-4641: A flaw was found in shadow-utils. Wh...
CBL Mariner 2.0 Security Update: shadow-utils (CVE-2023-4641)
The version of shadow-utils installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-4641 advisory. - A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice...
CVE-2023-4641 affecting package shadow-utils for versions less than 4.9-14
CVE-2023-4641 affecting package shadow-utils for versions less than 4.9-14. A patched version of the package is available...
Debian: Security Advisory (DLA-4130-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-4130 : login - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4130 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4130-1 [email protected]...
Linux Distros Unpatched Vulnerability : CVE-2023-4641
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-util...
Security Bulletin: Vulnerability in shadow-utils library (CVE-2023-4641) affects Power HMC.
Summary The shadow-utils library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2023-4641 DESCRIPTION: shadow-maint shadow-utils could allow a local authenticated attacker to obtain sensitive information, caused by failing t...
Security Bulletin: Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced.
Summary Security vulnerabilities may affect Ubuntu packages that are shipped with IBM CICS TX Advanced. IBM CICS TX Advanced has addressed the issues. Vulnerability Details CVEID:CVE-2023-4641 DESCRIPTION: shadow-maint shadow-utils could allow a local authenticated attacker to obtain sensitive...
EulerOS Virtualization 3.0.6.0 : shadow-utils (EulerOS-SA-2024-1705)
According to the versions of the shadow-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fail...
Low: Red Hat Security Advisory: shadow-utils security update
An update for shadow-utils is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
SUSE-SU-2024:1007-1 Security update for shadow
This update for shadow fixes the following issues: - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn bsc1210507. - CVE-2023-4641: Fixed possible password leak during passwd1 change bsc1214806. The following non-security bugs were fixed: - bsc1176006: Fix chage date miscalculation...
SUSE-SU-2024:1007-2 Security update for shadow
This update for shadow fixes the following issues: - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn bsc1210507. - CVE-2023-4641: Fixed possible password leak during passwd1 change bsc1214806. The following non-security bugs were fixed: - bsc1176006: Fix chage date miscalculation...
Huawei EulerOS: Security Advisory for shadow-utils (EulerOS-SA-2024-1298)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for shadow (SUSE-SU-2023:4024-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...