23 matches found
EUVD-2006-2046
Malware in sbrugna...
pam security update
1.5.1-21.0.1 - pamaccess: clean up the remote host matching code Orabug: 36771903 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-21 - pamunix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves: RHEL-62880 1.5.1-20 - libpam: support...
pam security update
1.3.1-36.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36272695 1.3.1-36 - pamaccess: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66242 1.3.1-35 - pamunix: always run the helper to obtain shadow password file entries. CVE-2024-10041. Resolves:...
OESA-2023-1851 shadow security update
Tools for managing accounts and shadow password files. Security Fixes: shadow: TOCTOU time-of-check time-of-use race condition when copying and removing directory treesCVE-2013-4235...
OESA-2023-1850 shadow security update
Tools for managing accounts and shadow password files. Security Fixes: shadow: TOCTOU time-of-check time-of-use race condition when copying and removing directory treesCVE-2013-4235...
OESA-2023-1258 shadow security update
This package includes the necessary programs for converting plain password files to the shadow password format and to manage user and group accounts. Security Fixes: In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although i...
Linux: Get UID variables from /etc/login.defs
The /etc/login.defs file defines the site-specific configuration for the shadow password suite. This file is required. Absence of this file will not prevent system operation, but will probably result in undesirable operation. This script reads and stores variables SYSUIDMAX, SYSUIDMIN, UIDMAX and...
Linux: /etc/login.defs LASTLOG_ENAB
The /etc/login.defs file defines the site-specific configuration for the shadow password suite. This file is required. Absence of this file will not prevent system operation, but will probably result in undesirable operation. LASTLOGENAB boolean enables logging and display of /var/log/lastlog log...
Linux: Read /etc/login.defs (KB)
The /etc/login.defs file defines the site-specific configuration for the shadow password suite. This file is required. Absence of this file will not prevent system operation, but will probably result in undesirable operation. Note: This script only stores information for other Policy Controls...
Linux: /etc/login.defs LOG_UNKFAIL_ENAB
The /etc/login.defs file defines the site-specific configuration for the shadow password suite. This file is required. Absence of this file will not prevent system operation, but will probably result in undesirable operation. LOGUNKFAILENAB boolean enables display of unknown usernames when login...
libuser security update
CentOS Errata and Security Advisory CESA-2015:1483 Updated libuser packages that fix two security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, whic...
SGI IRIX <= 6.5.2 nsd Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/412/info A vulnerability has been discovered in the nsd service, as included by SGI in Irix 6.5.x. The vulnerability allows remote users to access potentially sensitive pieces of information, including, but not limited to...
[SECURITY] Fedora 18 Update: libuser-0.58-3.fc18
The libuser library implements a standardized interface for manipulating and administering user and group accounts. The library uses pluggable back-ends to interface to its data sources. Sample applications modeled after those included with the shadow password suite are included...
[SECURITY] Fedora 13 Update: libuser-0.56.16-1.fc13.2
The libuser library implements a standardized interface for manipulating and administering user and group accounts. The library uses pluggable back-ends to interface to its data sources. Sample applications modeled after those included with the shadow password suite are included...
Moderate: Red Hat Security Advisory: libuser security update
Updated libuser packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS 3 : shadow-utils (CESA-2007:0431)
An updated shadow-utils package that fixes a security issue and several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The shadow-utils package includes the necessary programs for converting UNIX password files to the shadow...
Default credentials
The 1 shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the 2 NetAccess database file has world readable and writable permissions, which allows local users to view sensitive...
CVE-2006-2045
The 1 shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the 2 NetAccess database file has world readable and writable permissions, which allows local users to view sensitive...
CVE-2006-2045
The 1 shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the 2 NetAccess database file has world readable and writable permissions, which allows local users to view sensitive...
CVE-2000-0513
CUPS Common Unix Printing System 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password...