CVE-1999-1023

The CVE-1999-1023 entry concerns Solaris 7.0, where the useradd utility does not correctly interpret certain date formats provided to the -e expiration date argument. This incorrect parsing could allow users to log in after their accounts are supposed to expire, per the documented description. No...

CVE-2001-0120

CVE-2001-0120 relates to the shadow-utils package, specifically the useradd component. The vulnerability arises from insecure temporary file handling: useradd creates temporary files in /etc/default with predictable names. If /etc/default is world-writable, an attacker could perform a symbolic-li...

CVE-2001-0120

useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack...

CVE-2001-0120

useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack...

sun.useradd.expir.date.txt

Date: Thu, 10 Jun 1999 11:16:32 -0500 From: Chad Price To: [email protected] Subject: Sun Useradd program expiration date bug This has been tested and verified only on Solaris 7. Sun has provided a useradd binary as well as the gui admintool for adding new users. This program it's a binary in...

shadow.passwds.txt

Date: Fri, 11 Jun 1999 10:11:29 EET From: Emils Klotins To: [email protected] Subject: useradd -p stores cleartext passwords / shadow-980724 Hello. Sorry if this is reported already. Didn't find it in Bugtraq archives nor in SuSE support db. OS: SuSE Linux 6.1 Program: useradd Package:...

CVE-1999-1023

useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" expiration date argument, which could allow users to login after their accounts have expired...