Shadow Security Vulnerabilities and Issues — Shadow CVE List

DebianShadow

8 matches found

CVE•added 2019/12/03 12:0 a.m.•189 views

CVE-2013-4235

CVE-2013-4235 refers to a shadow-utils TOCTOU (time-of-check-time-of-use) race condition when copying and removing directory trees. The Connected IBM X-Force bulletin lists this CVE with CWE-367, a base score of 3.7, CVSS vector (AV:L/AC:H/Au:N/C:P/I:P/A:P). The Initial description notes the race...

4.7CVSS4.8AI score0.00064EPSS

CVE•added 2021/03/17 6:0 a.m.•97 views

CVE-2017-20002

CVE-2017-20002 affects the Debian shadow package prior to 1:4.5-1: it incorrectly marks pts/0 and pts/1 as physical terminals in /etc/securetty, enabling local privilege escalation even when users connect non-physically (e.g., SSH). The issue is resolved in the Debian LTS advisories by applying t...

7.8CVSS8.3AI score0.00052EPSS

CVE•added 2019/11/04 6:38 p.m.•91 views

CVE-2005-4890

The CVE-2005-4890 entry describes a local vulnerability where tty hijacking is possible in shadow 4.x (before 4.1.5) and sudo 1.x (before 1.7.4) via the command path "su - user -c program". Attacker can use the TIOCSTI ioctl to inject characters into the input buffer, allowing the user session to...

7.8CVSS7.5AI score0.00227EPSS

CVE•added 2006/05/28 11:0 p.m.•81 views

CVE-2006-1174

CVE-2006-1174 affects the shadow-utils package, specifically the useradd tool. The issue arises when creating a new user mailbox: the open function is not given the correct arguments, causing the mailbox to be created with unpredictable permissions. As a result, a local attacker could potentially...

3.7CVSS6AI score0.00096EPSS

CVE•added 2008/12/09 12:0 a.m.•77 views

CVE-2008-5394

CVE-2008-5394 concerns the shadow package’s /bin/login on Debian (and likely other distros) where local users in the utmp group could exploit a symlink vulnerability to overwrite arbitrary files via a temporary file referenced in a utmp entry’s ut_line field. The described condition affects shado...

7.2CVSS6AI score0.00083EPSS

CVE•added 2004/11/04 5:0 a.m.•66 views

CVE-2004-1001

CVE-2004-1001 affects Shadow’s passwd_check in version 4.0.4.1 (and possibly earlier than 4.0.5). A local user can perform unauthorized activities when an error from pam_chauthtok is not properly handled. The issue is local in scope with partial confidentiality/integrity/availability impact as pe...

4.6CVSS5.8AI score0.00081EPSS

CVE•added 2011/02/18 11:0 p.m.•63 views

CVE-2011-0721

CVE-2011-0721 affects the shadow package: CRLF injection in chfn and chsh allows local users to alter /etc/passwd via the GECOS field. Root cause is improper input sanitization of newline characters. Debian and Slackware advisories indicate an updated shadow package as the fix; exploitation detai...

6.4CVSS9.1AI score0.0142EPSS

CVE•added 2006/04/19 4:0 p.m.•49 views

CVE-2006-1844

CVE-2006-1844 affects the Debian installer components for shadow 4.0.14 and base-config 2.53.10. The issue arises from world-readable log files that contain sensitive data (preseeded passwords and pppoeconf passwords), enabling local users to potentially gain privileges. The records do not specif...

2.1CVSS6.3AI score0.00069EPSS