CLSA-2026-1778253061 Fix CVE(s): CVE-2026-27447

SECURITY UPDATE: fix authorization bypass in cupsd caused by case-insensitive comparison of local user and group names. - debian/patches/CVE-2026-27447.patch: compare usernames against the canonical pwname from getpwnam with strcmp in cupsdCheckGroup and cupsdIsAuthorized in scheduler/auth.c;...

GHSA-MH5C-XRMH-M794 uutils coreutils has an Untrusted Search Path

A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch NSS to load...

uutils coreutils has an Untrusted Search Path

A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch NSS to load...

CVE-2026-35368

CVE-2026-35368 describes a local privilege-escalation in the chroot utility of the uutils coreutils when using the --userspec option. The issue arises because the utility resolves the user via getpwnam() after entering the chroot but before dropping root privileges. On glibc-based systems, this c...

EUVD-2010-0047

Malware in sbrugna...

EUVD-2015-7431

Malware in sbrugna...

EUVD-2006-2065

Malware in sbrugna...

SUSE CVE-2010-0015

nis/nssnis/nis-pwd.c in the GNU C Library aka glibc or libc6 2.7 and Embedded GLIBC EGLIBC 2.10.2 adds information from the passwd.adjunct.byname map to entries in the passwd map, which allows remote attackers to obtain the encrypted passwords of NIS accounts by calling the getpwnam function...

SUSE CVE-2015-7510

Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd...

The vulnerability of the getpwnam and getgrnam functions in the NSS (nss-mymachines) module of the Systemd daemon allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the getpwnam and getgrnam functions in the NSS nss-mymachines module of the Systemd daemon is due to a buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to compromise the confidentiality, integrity, and accessibility of the...

Systemd Stack Buffer Overflow Vulnerability

systemd is a Linux-based system and service manager developed by German software developer Lennart Poettering and others. It is compatible with the SysV and LSB startup scripts and provides a framework for representing dependencies between system services. A stack buffer overflow vulnerability...

CVE-2015-7510

Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd...

DEBIAN-CVE-2015-7510

Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd...

CVE-2015-7510

Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd...

UBUNTU-CVE-2015-7510

Stack-based buffer overflow in the getpwnam and getgrnam functions of the NSS module nss-mymachines in systemd...

AIX 6.1 TL 7 : bos.rte.security (U838721)

The remote host is missing AIX PTF U838721, which is related to the security of the package bos.rte.security. AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam function when customer extended LDAP user filtering is configured. A local...

AIX 7.1 TL 1 : ldapauth (IV18464)

AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam function when customer extended LDAP user filtering is configured. A local attacker could exploit this vulnerability to gain lateral or elevated privileges on the system. %NASLMINLEVEL...

AIX 6.1 TL 7 : ldapauth (IV18637)

AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam function when customer extended LDAP user filtering is configured. A local attacker could exploit this vulnerability to gain lateral or elevated privileges on the system. %NASLMINLEVEL...

AIX 6.1 TL 5 : ldapauth (IV19097)

AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam function when customer extended LDAP user filtering is configured. A local attacker could exploit this vulnerability to gain lateral or elevated privileges on the system. %NASLMINLEVEL...

AIX 6.1 TL 6 : ldapauth (IV19077)

AIX could allow a local attacker to gain elevated privileges on the system, caused by an error in the getpwnam function when customer extended LDAP user filtering is configured. A local attacker could exploit this vulnerability to gain lateral or elevated privileges on the system. %NASLMINLEVEL...