107 matches found
shadow security update
CentOS Errata and Security Advisory CESA-2007:0431 An updated shadow-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The shadow-utils package includes the necessary program...
Mercur Messaging 2005 IMAP (SUBSCRIBE) Remote Exploit (win2k SP4)
Exploit for unknown platform in category remote exploits ================================================================= Mercur Messaging 2005 IMAP SUBSCRIBE Remote Exploit win2k SP4 ================================================================= !/usr/bin/python Remote exploit for the stack...
Mercur Messaging 2005 (Windows 2000 SP4) - IMAP 'Subscribe' Remote Overflow
!/usr/bin/python Remote exploit for the stack overflow vulnerability in Mercur Messaging 2005 SP3 IMAP service. The exploit was tested on windows 2000 server SP4 in a Vmware environment. At the time of overflow EBX points to our shellcode. However this buffer into which EBX points will give a...
CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
Open redirect
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
DEBIAN-CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
CVE-2006-1174
CVE-2006-1174 affects the shadow-utils package, specifically the useradd tool. The issue arises when creating a new user mailbox: the open function is not given the correct arguments, causing the mailbox to be created with unpredictable permissions. As a result, a local attacker could potentially...
CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the...
MDKSA-2006:090 : shadow-utils
A potential security problem was found in the useradd tool when it creates a new user's mailbox due to a missing argument to the open call, resulting in the first permissions of the file being some random garbage found on the stack, which could possibly be held open for reading or writing before...
Windows NT/2k/XP useradd shellcode for russian systems 318 bytes
Windows NT/2k/XP useradd shellcode for russian systems 318 bytes. Shellcode exploit for win32 platform / \ win32 useradd shellcode for russian systems / by Darkeagle \ ExploiterZ Lab / http://exploiterz.org \ / // add user "slim" with password "shady" with admin prem. in Russian Systems unsigned...
windows NT/2k/XP useradd shellcode for russian systems 318 bytes
Exploit for win32 platform in category shellcode ================================================================ Windows NT/2k/XP useradd shellcode for russian systems 318 bytes ================================================================ / \ win32 useradd shellcode for russian systems / by...
CVE-2002-1509
CVE-2002-1509 concerns a bug in the shadow-utils useradd flow introduced by a patch in shadow-utils-20000902. The bug causes a new user’s mail spool to be created with group write/read permissions (mode 660) instead of being owned per the intended policy, enabling other users sharing the same pri...
Linux User Account Activity Create User (via Splunk): useradd, plain
Binary data 710012.prm...
Mandrake Linux Security Advisory : shadow-utils (MDKSA-2003:026)
The shadow-utils package contains the tool useradd, which is used to create or update new user information. When useradd creates an account, it would create it with improper permissions; instead of having it owned by the group mail, it would be owned by the user's primary group. If this is a shar...
RHEL 2.1 : shadow-utils (RHSA-2003:058)
Updated shadow-utils packages are now available. These updated packages correct a bug that caused the useradd tool to create mail spools with incorrect permissions. The shadow-utils package includes programs for converting UNIX password files to the shadow password format, plus programs for...
Moderate: Red Hat Security Advisory: shadow-utils security update
Updated shadow-utils packages are now available. These updated packages correct a bug that caused the useradd tool to create mail spools with incorrect permissions. The shadow-utils package includes programs for converting UNIX password files to the shadow password format, plus programs for...
[RHSA-2003:057-06] Updated shadow-utils packages fix exposure
--------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated shadow-utils packages fix exposure Advisory ID: RHSA-2003:057-06 Issue date: 2003-02-12 Updated on: 2003-02-18 Product: Red Hat Linux Keywords: mail mailspool Cross...
shadow-utils useradd creates temporary files insecurely
Overview Shadow-utils is an encryption and account management package freely distributed for many Linux implementations. The useradd program in this package creates insecure temporary files with predictable names in a write-protected directory. If this directory is changed to be writable, an...