Lucene search
K

21 matches found

OSV
OSV
added 2025/12/02 9:7 a.m.4 views

RLSA-2025:20145 Low: shadow-utils security update

The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user and group accounts. Security Fixes: shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise CVE-2024-56433 For...

3.6CVSS9.4AI score0.004EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.3 views

AlmaLinux 10 : shadow-utils (ALSA-2025:20145)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20145 advisory. shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise CVE-2024-56433 Tenable has extracted the preceding description blo...

3.6CVSS6AI score0.004EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/22 12:0 a.m.2 views

RockyLinux 9 : shadow-utils (RLSA-2025:20559)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:20559 advisory. shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise CVE-2024-56433 Tenable has extracted the preceding description blo...

3.6CVSS6AI score0.004EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2025/11/21 6:13 p.m.4 views

shadow-utils security update

An update is available for shadow-utils. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The shadow-utils packages include programs for converting UNIX password...

3.6CVSS6.7AI score0.004EPSS
Exploits0
OSV
OSV
added 2025/11/21 6:13 p.m.5 views

RLSA-2025:20559 Low: shadow-utils security update

The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user and group accounts. Security Fixes: shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise CVE-2024-56433 For...

3.6CVSS6.5AI score0.004EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/11/19 12:0 a.m.5 views

AlmaLinux 9 : shadow-utils (ALSA-2025:20559)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20559 advisory. shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise CVE-2024-56433 Tenable has extracted the preceding description bloc...

3.6CVSS6AI score0.004EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/11/11 9:1 a.m.9 views

Low: Red Hat Security Advisory: shadow-utils security update

An update for shadow-utils is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

3.6CVSS6.2AI score0.004EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/11/11 8:16 a.m.9 views

Low: Red Hat Security Advisory: shadow-utils security update

An update for shadow-utils is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

3.6CVSS6.2AI score0.004EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.4 views

RHEL 9 : shadow-utils (RHSA-2025:20559)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:20559 advisory. The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user...

3.6CVSS6.1AI score0.004EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.4 views

RHEL 10 : shadow-utils (RHSA-2025:20145)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:20145 advisory. The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user...

3.6CVSS6.1AI score0.004EPSS
Exploits0References7
OSV
OSV
added 2025/11/11 12:0 a.m.5 views

ALSA-2025:20559 Low: shadow-utils security update

The shadow-utils packages include programs for converting UNIX password files to the shadow password format, as well as utilities for managing user and group accounts. Security Fixes: shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise CVE-2024-56433 For...

3.6CVSS9.2AI score0.004EPSS
Exploits0References4
CBLMariner
CBLMariner
added 2025/04/08 9:13 p.m.13 views

CVE-2024-56433 affecting package shadow-utils for versions less than shadow-utils_4.18.0

CVE-2024-56433 affecting package shadow-utils for versions less than shadow-utils4.18.0. A patched version of the package is available...

3.6CVSS7AI score0.004EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-56433

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can...

3.6CVSS6.1AI score0.004EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2024/12/26 9:53 a.m.14 views

CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

3.6CVSS6.8AI score0.004EPSS
Exploits0References6
OSV
OSV
added 2024/12/26 9:15 a.m.3 views

CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

3.6CVSS6.6AI score
Exploits0References3
NVD
NVD
added 2024/12/26 9:15 a.m.13 views

CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

3.6CVSS0.004EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2024/12/26 9:15 a.m.7 views

CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

3.6CVSS6.4AI score0.004EPSS
Exploits0References3
Circl
Circl
added 2024/12/26 8:41 a.m.5 views

CVE-2024-56433

creationtimestamp| type| source ---|---|--- 2024-12-26 08:41:54+00:00| seen| https://infosec.exchange/users/cve/statuses/113718231978557868 2024-12-26 09:15:31+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3le756uffwm2m 2024-12-26 10:43:06+00:00| seen|...

3.6CVSS4.9AI score0.004EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/12/26 12:0 a.m.16 views

CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

3.6CVSS0.004EPSS
Exploits0References3
CVE
CVE
added 2024/12/26 12:0 a.m.120 views

CVE-2024-56433

CVE-2024-56433 affects shadow-utils (shadow) 4.4–4.17.0, which uses a default /etc/subuid range (e.g., UID 100000–165535) that can clash with locally defined UIDs. The documented impact is potential account takeover via newuidmap access to local or same-host resources (e.g., NFS home directories)...

3.6CVSS7.1AI score0.004EPSS
Exploits0References3
Rows per page
Query Builder