Lucene search
K

16 matches found

OSV
OSV
added 2026/05/05 1:49 a.m.8 views

CLSA-2026-1777945742 shadow-utils: Fix of CVE-2017-12424

CVE-2017-12424: fix heap buffer overflow in commoniosort when an entry has a NULL line...

9.8CVSS6.9AI score0.02659EPSS
Exploits0References1
Cloud Foundry
Cloud Foundry
added 2022/03/10 12:0 a.m.35 views

USN-5254-1: shadow vulnerabilities | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected...

9.8CVSS7.4AI score0.02659EPSS
Exploits1Affected Software3
Ubuntu
Ubuntu
added 2022/01/27 2:29 p.m.106 views

USN-5254-1: shadow vulnerabilities

It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2017-12424 It was discovered that shadow incorrectly handled certain...

9.8CVSS6AI score0.02659EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2017:2947-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS5.8AI score0.02659EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/03/17 12:0 a.m.32 views

Debian: Security Advisory (DLA-2596-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.02659EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for shadow-utils (EulerOS-SA-2018-1169)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.8AI score0.02659EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/06/28 12:0 a.m.30 views

EulerOS 2.0 SP3 : shadow-utils (EulerOS-SA-2018-1169)

According to the version of the shadow-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A buffer overflow flaw leading to heap memory corruption was found in the shadow-utils's newusers utility. A local, authenticated attacker cou...

9.8CVSS6.7AI score0.02659EPSS
Exploits0References2
OSV
OSV
added 2017/12/22 10:31 a.m.7 views

MGASA-2017-0465 Updated shadow-utils packages fix security vulnerability

It was found that shadow-utils had a buffer overflow where if a buffer was left NULL for a cycle the next cycle would happily write past the entries buffer CVE-2017-12424...

9.8CVSS9.8AI score0.02659EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/11/13 12:0 a.m.22 views

openSUSE Security Update : shadow (openSUSE-2017-1265)

This update for shadow fixes several issues. This security issue was fixed : - CVE-2017-12424: The newusers tool could have been forced to manipulate internal data structures in ways unintended by the authors. Malformed input may have lead to crashes with a buffer overflow or other memory...

9.8CVSS6.7AI score0.02659EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/11/09 12:0 a.m.35 views

SUSE SLED12 / SLES12 Security Update : shadow (SUSE-SU-2017:2947-1)

This update for shadow fixes several issues. This security issue was fixed : - CVE-2017-12424: The newusers tool could have been forced to manipulate internal data structures in ways unintended by the authors. Malformed input may have lead to crashes with a buffer overflow or other memory...

9.8CVSS6.7AI score0.02659EPSS
Exploits0References6
OSV
OSV
added 2017/11/08 7:50 a.m.5 views

SUSE-SU-2017:2947-1 Security update for shadow

This update for shadow fixes several issues. This security issue was fixed: - CVE-2017-12424: The newusers tool could have been forced to manipulate internal data structures in ways unintended by the authors. Malformed input may have lead to crashes with a buffer overflow or other memory corrupti...

9.8CVSS9.9AI score0.02659EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2017/08/04 12:48 p.m.39 views

CVE-2017-12424

A buffer overflow flaw leading to heap memory corruption was found in the shadow-utils's newusers utility. A local, authenticated attacker could potentially use this flaw to crash the newusers process by supplying crafted data to it...

9.8CVSS4.5AI score0.02659EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/08/04 9:29 a.m.30 views

CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

9.8CVSS7AI score0.02659EPSS
Exploits0References2
OSV
OSV
added 2017/08/04 9:29 a.m.19 views

CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

9.8CVSS7.2AI score
Exploits0References5
CVE
CVE
added 2017/08/04 9:0 a.m.170 views

CVE-2017-12424

The CVE-2017-12424 issue affects the shadow package (notably the newusers tool) across multiple distributions. A malformed input could cause internal data-structure corruption that leads to crashes or memory corruption, potentially crossing privilege boundaries in certain configurations (e.g., ho...

9.8CVSS9.4AI score0.02659EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2017/08/04 9:0 a.m.37 views

CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

9.8CVSS9.8AI score0.02659EPSS
Exploits0
Rows per page
Query Builder