EUVD-2017-3997

Malware in sbrugna...

SUSE CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

The vulnerability of the newusers tool in the shadow account management utility allows for data leakage when operations are performed outside of the buffer in memory. This enables attackers to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the newusers tool in the shadow account management utility is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

Debian DLA-2596-1 : shadow security update

Several vulnerabilities were discovered in the shadow suite of login tools. An attacker may escalate privileges in specific configurations. CVE-2017-20002 Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even...

Huawei EulerOS: Security Advisory for shadow-utils (EulerOS-SA-2018-1169)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : shadow-utils (EulerOS-SA-2019-2427)

According to the versions of the shadow-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed...

EulerOS 2.0 SP3 : shadow-utils (EulerOS-SA-2018-1169)

According to the version of the shadow-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A buffer overflow flaw leading to heap memory corruption was found in the shadow-utils's newusers utility. A local, authenticated attacker cou...

SUSE SLED12 / SLES12 Security Update : shadow (SUSE-SU-2017:2947-1)

This update for shadow fixes several issues. This security issue was fixed : - CVE-2017-12424: The newusers tool could have been forced to manipulate internal data structures in ways unintended by the authors. Malformed input may have lead to crashes with a buffer overflow or other memory...

Shadow: Buffer overflow

Background Shadow is a set of tools to deal with user accounts. Description Malformed input in the newusers tool may produce crashes and other unspecified behaviors. Impact A remote attacker could possibly cause a Denial of Service condition or bypass privilege boundaries in some web-hosting...

CVE-2017-12424

A buffer overflow flaw leading to heap memory corruption was found in the shadow-utils's newusers utility. A local, authenticated attacker could potentially use this flaw to crash the newusers process by supplying crafted data to it...

CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

UBUNTU-CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

DEBIAN-CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

CVE-2017-12424

The CVE-2017-12424 issue affects the shadow package (notably the newusers tool) across multiple distributions. A malformed input could cause internal data-structure corruption that leads to crashes or memory corruption, potentially crossing privilege boundaries in certain configurations (e.g., ho...

CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

BlogTorrent 0.92 - Remote Password Disclosure

BlogTorrent 0.92 - Remote Password Disclosure Edited for easy info. /str0ke Software: BlogTorrent 0.92 14ae696abdca1688dd577fe486c3981f331457b0d7 Password crypt in md5 - d7b82821fe725305bded2fab9e91ed1e0e6fd93bee LazyCrsATGMailDOTcom - pjphemATmyboxDOTit FREE RAFA! FREE RAFA! FREE RAFA! milw0rm.c...