13 matches found
EUVD-2021-27274
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-40084
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a...
Remote Code Execution (RCE)
opensysusers is vulnerable to denial of service. It does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
DEBIAN-CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
UBUNTU-CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
Command injection
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
CVE-2021-40084
The CVE-2021-40084 entry affects opensysusers through version 0.6, where unsafe usage of eval on files in sysusers.d may allow shell metacharacters to trigger command execution (e.g., via a crafted GECOS field). This is documented as a denial of service/remote-like risk with high severity in CVE ...
CVE-2021-40084
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell metacharacters. For example, it allows command execution via a crafted GECOS field whereas systemd-sysusers a program with the same specification does not do that...
opensysusers 代码注入漏洞
opensysusers is an open source package. It is an alternative implementation of systemd-sysusers that can be run on systems with or without systemd installed. A code injection vulnerability exists in versions of opensysusers prior to 0.6, which poses a security risk primarily due to the use of...