CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...

7.2CVSS7.6AI score0.00341EPSS

Exploits0References2

Tenable Nessus•added 2012/01/06 12:0 a.m.•10 views

Successful Shell Attack Detected - IRIX 'passwd' Command

Binary data 6146.prm...

7.3AI score

Exploits0

Tenable Nessus•added 2012/01/06 12:0 a.m.•17 views

Successful Shell Attack Detected - Linux 'passwd' Command

Binary data 6145.prm...

7.3AI score

Exploits0

Tenable Nessus•added 2007/01/17 12:0 a.m.•13 views

Fedora Core 4 : busybox-1.00-5.fc4 (2006-511)

The BusyBox passwd command does not use a proper salt when generating passwords. This would create an instance where a brute-force attack could take very little time. This problem is fixed in busybox-1.00-5.fc4. Note that Tenable Network Security has extracted the preceding description block...

5.5AI score

Exploits0References1

OSV•added 2006/07/06 8:5 p.m.•9 views

CVE-2006-3378

6.6AI score

Exploits0References7

Prion•added 2006/02/09 2:2 a.m.•17 views

Buffer overflow

Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users to execute arbitrary code via a long first argument to the 1 su or 2 passwd commands...

7.2CVSS7.9AI score0.005EPSS

Exploits0References10Affected Software1

NVD•added 2006/02/09 2:2 a.m.•13 views

CVE-2006-0621

Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users to execute arbitrary code via a long first argument to the 1 su or 2 passwd commands...

7.2CVSS7.4AI score0.005EPSS

Exploits0References10

Cvelist•added 2006/02/09 2:0 a.m.•19 views

CVE-2006-0621

Multiple buffer overflows in QNX Neutrino RTOS 6.2.0 allow local users to execute arbitrary code via a long first argument to the 1 su or 2 passwd commands...

7.4AI score0.005EPSS

Exploits0References10

CERT•added 2004/03/05 12:0 a.m.•24 views

Sun Solaris passwd command allows for privilege escalation

Overview Sun Solaris contains a vulnerability in the passwd1 command which could allow for privilege escalation. Description The passwd command is used to update a user's authentication tokens. There is non-specific vulnerability identified in Sun Security Alert ID: 57454. This vulnerability coul...

7.1AI score

Exploits0References3

Cvelist•added 1999/09/29 4:0 a.m.•23 views

CVE-1999-0188

The passwd command in Solaris can be subjected to a denial of service...

6.6AI score0.00378EPSS

Exploits0References1