CVE-2017-20002

The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH hence bypassing PAM's nulloksecure configuration. Thi...

CVE-2017-20002

The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH hence bypassing PAM's nulloksecure configuration. Thi...

CVE-2017-20002

CVE-2017-20002 affects the Debian shadow package prior to 1:4.5-1: it incorrectly marks pts/0 and pts/1 as physical terminals in /etc/securetty, enabling local privilege escalation even when users connect non-physically (e.g., SSH). The issue is resolved in the Debian LTS advisories by applying t...

CVE-2017-20002

The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH hence bypassing PAM's nulloksecure configuration. Thi...

Debian: Security Advisory (DLA-2596-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

shivalikbank.com Cross Site Scripting vulnerability

Security Researcher geeknik Helped patch 8584 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting shivalikbank.com website and its users. Following...