Lucene search

400 matches found

Debian CVE
added 2019/12/19 8:35 p.m. · 26 views

CVE-2019-19234

In Sudo through 1.8.29, the fact that a user has been blocked (e.g., by using the ! character in the shadow file instead of a password hash) is not considered, allowing an attacker who has access to a Runas ALL sudoer account to impersonate any blocked user. NOTE: The software maintainer believes...

CVSS 7.5 · AI score 5.8 · EPSS 0.04075
Exploits: 0
CNVD
added 2019/11/22 12:00 a.m. · 5 views

Shibboleth Service Provider Elevation of Privilege Vulnerability

Shibboleth is an open source SAML-based Web Single Sign-On system for Windows platforms from Shibboleth, U.K. The Service Provider (SP) is one of the service provider components, which is mainly used to intercept access to protected resources or application entry points, issue SAML authentication...

CVSS 7.8 · AI score 8.2 · EPSS 0.00172
Exploits: 1 · References: 1
OSV
added 2019/10/25 3:15 p.m. · 0 views

CVE-2016-2360

Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations...

CVSS 9.8 · AI score 5.8 · EPSS 0.00836
Exploits: 1 · References: 3
CVE
added 2019/07/02 8:13 p.m. · 191 views

CVE-2017-8415

Affected devices: D-Link DCS-1100 and DCS-1130. The vulnerability stems from a hardcoded credential mechanism used by a custom telnet daemon (part of BusyBox) where the password check uses a salted hash of the string "admin" stored in /etc/shadow on a CRAM-FS filesystem. Because the filesystem is...

CVSS 10 · AI score 9.3 · EPSS 0.03577
Exploits: 0 · References: 3 · Affected Software: 1
Cvelist
added 2019/07/02 8:13 p.m. · 15 views

CVE-2017-8415

An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device has a custom telnet daemon as a part of the busybox and retrieves the password from the shadow file using the function getspnam at address 0x00053894. Then performs a crypt operation on the password retrieved from the use...

AI score 9.5 · EPSS 0.03577
Exploits: 0 · References: 3
OSV
added 2019/06/17 7:15 p.m. · 3 views

CVE-2019-7315

Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.x are vulnerable to directory traversal via the web interface, as demonstrated by reading /etc/shadow. NOTE: this product is discontinued, and its final firmware version has this vulnerability 4.x versions exist only...

CVSS 7.5 · AI score 7.1 · EPSS 0.66105
Exploits: 1 · References: 1
Positive Technologies
added 2019/05/21 12:00 a.m. · 3 views

PT-2019-11721 · Jenkins · Jenkins Pam Authentication Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins PAM Authentication Plugin versions 1.5 and earlier, except version 1.4.1

Description: A missing permission check in the PamSecurityRealm.DescriptorImpldoTest function allowed users with Overall/Read permission to obtain limited...

CVSS 4.3 · AI score 4.2 · EPSS 0.00036
Exploits: 0 · References: 4
OSV
added 2019/05/08 5:29 p.m. · 2 views

CVE-2019-5021

Versions of the Official Alpine Linux Docker images since v3.3 contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux...

CVSS 9.8 · AI score 5.5 · EPSS 0.03031
Exploits: 2 · References: 6
ATTACKERKB
added 2019/05/08 12:00 a.m. · 21 views

CVE-2019-5021

Versions of the Official Alpine Linux Docker images since v3.3 contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux...

CVSS 10 · AI score 9.2 · EPSS 0.03031
Exploits: 2 · References: 7
OSV
added 2018/11/27 2:29 p.m. · 3 views

CVE-2018-16092

In System Management Module (SMM) versions prior to 1.06, the FFDC feature includes the collection of SMM system files containing sensitive information; notably, the SMM user account credentials and the system shadow file...

CVSS 8.1 · AI score 5.8 · EPSS 0.0033
Exploits: 0 · References: 1
Prion
added 2018/11/27 2:29 p.m. · 18 views

Code injection

In System Management Module (SMM) versions prior to 1.06, the FFDC feature includes the collection of SMM system files containing sensitive information; notably, the SMM user account credentials and the system shadow file...

CVSS 4.3 · AI score 7.9 · EPSS 0.0033
Exploits: 0 · References: 1 · Affected Software: 1
NVD
added 2018/11/27 2:29 p.m. · 14 views

CVE-2018-16092

In System Management Module (SMM) versions prior to 1.06, the FFDC feature includes the collection of SMM system files containing sensitive information; notably, the SMM user account credentials and the system shadow file...

CVSS 8.1 · AI score 8 · EPSS 0.0033
Exploits: 0 · References: 1
CVE
added 2018/11/27 2:00 p.m. · 46 views

CVE-2018-16092

CVE-2018-16092 affects Lenovo System Management Module (SMM) firmware prior to 1.06. The FFDC feature collects SMM system files, including sensitive data such as SMM user credentials and the system shadow file. This exposure could lead to confidentiality impact if FFDC data is accessed or misused...

CVSS 8.1 · AI score 8 · EPSS 0.0033
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2018/11/27 2:00 p.m. · 15 views

CVE-2018-16092 System Management Module Vulnerabilities

In System Management Module (SMM) versions prior to 1.06, the FFDC feature includes the collection of SMM system files containing sensitive information; notably, the SMM user account credentials and the system shadow file...

AI score 8.1 · EPSS 0.0033
Exploits: 0 · References: 1
OSV
added 2018/05/21 3:29 p.m. · 3 views

CVE-2018-7268

MagniComp SysInfo before 10-H81, as shipped with BMC BladeLogic Automation and other products, contains an information exposure vulnerability in which a local unprivileged user is able to read any root (uid 0) owned file on the system, regardless of the file permissions. Confidential information su...

CVSS 5.5 · AI score 5.8 · EPSS 0.00059
Exploits: 1 · References: 3
ATTACKERKB
added 2018/03/14 7:29 p.m. · 3 views

CVE-2018-8712

An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data...

CVSS 9.8 · AI score 5.7 · EPSS 0.00788
Exploits: 0 · References: 3
ATTACKERKB
added 2017/11/17 11:29 p.m. · 3 views

CVE-2017-16566

On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not require authentication, which allows remote attackers to read or replace core system files including those used for authentication such as passwd and shadow. This can be abused to take full root level control of the device...

CVSS 10 · AI score 5.7 · EPSS 0.01334
Exploits: 0 · References: 2
Positive Technologies
added 2017/09/13 12:00 a.m. · 4 views

PT-2017-13470 · D Link · D-Link Dir-850L

Name of the Vulnerable Software and Affected Versions:
D-Link DIR-850L REV. A versions through FW114WWb07 h2ab beta1
D-Link DIR-850L REV. B versions through FW208WWb02

Description: The issue concerns the permissions of the /var/etc/shadow file, also known as the /etc/shadow symlink target, which...

CVSS 7.8 · AI score 7.5 · EPSS 0.00061
Exploits: 1 · References: 2
Carbon Black Blog
added 2017/09/11 1:00 p.m. · 71 views

Cb Defense Q3 2017 Release Future-Proofs Your Ransomware Defenses

We’re excited to announce the Cb Defense Q3 2017 release is here! Cb Defense has always been focused on bringing you the best possible prevention, built upon our unique streaming prevention platform, combined with our market-leading endpoint detection and response (EDR) capabilities. The Q3 2017...

AI score 6.7
Exploits: 0
Packet Storm
added 2017/03/31 12:00 a.m. · 26 views

mapr Information Disclosure

Hello, The mapr web frontend component creates an information disclosure vulnerability. During the setup of mapr the configure.sh script calls a function ConfigureWSRole: function ConfigureWSRole if $clientOnly -eq 0 -a $dontChangeSecurityPermissionsOn -eq 0 ; then ConfigureRunUserForWS fi This...

AI score 7.4
Exploits: 0