16 matches found
CLSA-2026-1777945742 shadow-utils: Fix of CVE-2017-12424
CVE-2017-12424: fix heap buffer overflow in commoniosort when an entry has a NULL line...
USN-5254-1: shadow vulnerabilities | Cloud Foundry
Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected...
USN-5254-1: shadow vulnerabilities
It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2017-12424 It was discovered that shadow incorrectly handled certain...
SUSE: Security Advisory (SUSE-SU-2017:2947-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-2596-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for shadow-utils (EulerOS-SA-2018-1169)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : shadow-utils (EulerOS-SA-2018-1169)
According to the version of the shadow-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A buffer overflow flaw leading to heap memory corruption was found in the shadow-utils's newusers utility. A local, authenticated attacker cou...
MGASA-2017-0465 Updated shadow-utils packages fix security vulnerability
It was found that shadow-utils had a buffer overflow where if a buffer was left NULL for a cycle the next cycle would happily write past the entries buffer CVE-2017-12424...
openSUSE Security Update : shadow (openSUSE-2017-1265)
This update for shadow fixes several issues. This security issue was fixed : - CVE-2017-12424: The newusers tool could have been forced to manipulate internal data structures in ways unintended by the authors. Malformed input may have lead to crashes with a buffer overflow or other memory...
SUSE SLED12 / SLES12 Security Update : shadow (SUSE-SU-2017:2947-1)
This update for shadow fixes several issues. This security issue was fixed : - CVE-2017-12424: The newusers tool could have been forced to manipulate internal data structures in ways unintended by the authors. Malformed input may have lead to crashes with a buffer overflow or other memory...
SUSE-SU-2017:2947-1 Security update for shadow
This update for shadow fixes several issues. This security issue was fixed: - CVE-2017-12424: The newusers tool could have been forced to manipulate internal data structures in ways unintended by the authors. Malformed input may have lead to crashes with a buffer overflow or other memory corrupti...
CVE-2017-12424
A buffer overflow flaw leading to heap memory corruption was found in the shadow-utils's newusers utility. A local, authenticated attacker could potentially use this flaw to crash the newusers process by supplying crafted data to it...
CVE-2017-12424
In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...
CVE-2017-12424
In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...
CVE-2017-12424
In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...
CVE-2017-12424
The CVE-2017-12424 issue affects the shadow package (notably the newusers tool) across multiple distributions. A malformed input could cause internal data-structure corruption that leads to crashes or memory corruption, potentially crossing privilege boundaries in certain configurations (e.g., ho...