4 matches found
SUSE SLES12 Security Update : shadow (SUSE-SU-2023:2069-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2069-1 advisory. - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn bsc1210507. Tenable has extracted the preceding description block directl...
CVE-2022-4318
A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable...
Path traversal
A vulnerability was found in Simplessus 3.7.7. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument path with the input ..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd leads to path traversal. The...
CVE-2011-0721
Multiple CRLF injection vulnerabilities in 1 chfn and 2 chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field...