2 matches found
Astra Linux – Vulnerability in Shadow
A flaw was discovered in shadow-utils. When requesting a new password, shadow-utils asks for the password twice. If the password is incorrect on the second attempt, shadow-utils fails in clearing the buffer used to store the first entry. This may allow an attacker with sufficient access to retrie...
shadow-utils: possible password leak during passwd(1) change
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from...