EUVD-2017-3997

Malware in sbrugna...

SUSE CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

Debian DLA-2596-1 : shadow security update

Several vulnerabilities were discovered in the shadow suite of login tools. An attacker may escalate privileges in specific configurations. CVE-2017-20002 Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even...

Huawei EulerOS: Security Advisory for shadow-utils (EulerOS-SA-2018-1169)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : shadow-utils (EulerOS-SA-2019-2427)

According to the versions of the shadow-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed...

EulerOS 2.0 SP3 : shadow-utils (EulerOS-SA-2018-1169)

According to the version of the shadow-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A buffer overflow flaw leading to heap memory corruption was found in the shadow-utils's newusers utility. A local, authenticated attacker cou...

SUSE SLED12 / SLES12 Security Update : shadow (SUSE-SU-2017:2947-1)

This update for shadow fixes several issues. This security issue was fixed : - CVE-2017-12424: The newusers tool could have been forced to manipulate internal data structures in ways unintended by the authors. Malformed input may have lead to crashes with a buffer overflow or other memory...

Shadow: Buffer overflow

Background Shadow is a set of tools to deal with user accounts. Description Malformed input in the newusers tool may produce crashes and other unspecified behaviors. Impact A remote attacker could possibly cause a Denial of Service condition or bypass privilege boundaries in some web-hosting...

CVE-2017-12424

A buffer overflow flaw leading to heap memory corruption was found in the shadow-utils's newusers utility. A local, authenticated attacker could potentially use this flaw to crash the newusers process by supplying crafted data to it...

DEBIAN-CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

UBUNTU-CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

CVE-2017-12424

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes with a buffer overflow or other memory corruption or other unspecified behaviors. This crosses a privilege boundary in, for example,...

CVE-2017-12424

The CVE-2017-12424 issue affects the shadow package (notably the newusers tool) across multiple distributions. A malformed input could cause internal data-structure corruption that leads to crashes or memory corruption, potentially crossing privilege boundaries in certain configurations (e.g., ho...

BlogTorrent 0.92 - Remote Password Disclosure

BlogTorrent 0.92 - Remote Password Disclosure Edited for easy info. /str0ke Software: BlogTorrent 0.92 14ae696abdca1688dd577fe486c3981f331457b0d7 Password crypt in md5 - d7b82821fe725305bded2fab9e91ed1e0e6fd93bee LazyCrsATGMailDOTcom - pjphemATmyboxDOTit FREE RAFA! FREE RAFA! FREE RAFA! milw0rm.c...