63 matches found
EulerOS 2.0 SP9 : shadow (EulerOS-SA-2023-2323)
According to the versions of the shadow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not...
EulerOS 2.0 SP9 : shadow (EulerOS-SA-2023-2343)
According to the versions of the shadow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not...
Firejail: Local Privilege Escalation
Background A SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. Description Firejail does not sufficiently validate the user's environment prior to using it as the root user when using th...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : shadow (SUSE-SU-2023:2066-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2066-1 advisory. - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn bsc1210507. Tenable has extracted the...
SUSE SLES15 Security Update : shadow (SUSE-SU-2023:2068-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2068-1 advisory. - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn bsc1210507. Tenable has extracted the preceding description block directl...
SUSE SLES12 Security Update : shadow (SUSE-SU-2023:2069-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2069-1 advisory. - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn bsc1210507. Tenable has extracted the preceding description block directl...
SUSE SLES15 Security Update : shadow (SUSE-SU-2023:2070-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2070-1 advisory. - CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn bsc1210507. Tenable has extracted the preceding description block directl...
CVE-2023-29383
A flaw was found in Shadow, where it is possible to inject control characters into fields provided to the SUID program change fingerchfn. Although it is not possible to exploit this directly for example, adding a new user fails because \n is in the block list, it is possible to misrepresent the...
CVE-2022-37705
A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...
CVE-2022-37705
A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...
CVE-2022-37705
CVE-2022-37705 affects Amanda 3.5.1. The runtar SUID wrapper to tar mishandles arguments, enabling a backup user to escalate to root. Public notes in Debian LTS advisories confirm a fix in amanda packages (e.g., Debian 11 1:3.5.1-7+deb11u1) and CloudLinux/LT advisory references indicate tar optio...
CVE-2022-37705
A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...
CVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly e.g., adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file when...
CVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly e.g., adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file when...
Design/Logic Flaw
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly e.g., adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file when...
CVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly e.g., adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file when...
CVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly e.g., adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file when...
CVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly e.g., adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file when...
CVE-2023-29383
CVE-2023-29383 describes a vulnerability in Shadow 4.13 where an attacker can inject control characters into fields given to the chfn program (change finger). The issue does not enable direct exploitation (e.g., adding a user fails due to a block list), but can allow an adversary to misrepresent ...
CVE-2023-29383
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn change finger. Although it is not possible to exploit this directly e.g., adding a new user fails because \n is in the block list, it is possible to misrepresent the /etc/passwd file when...