USN-695-1: shadow vulnerability

🗓️ 18 Dec 2008 01:18:43Reported by UbuntuType

ubuntu

ubuntu🔗 ubuntu.com👁 42 Views

Ubuntu login privilege escalation vulnerability in shadow package

Reporter	Title	Published	Views	Family All 27
Circl	CVE-2008-5394	1 Dec 200800:00	–	circl
CVE	CVE-2008-5394	9 Dec 200800:00	–	cve
Cvelist	CVE-2008-5394	9 Dec 200800:00	–	cvelist
Debian	[SECURITY] [DSA 1709-1] New shadow packages fix privilege escalation	21 Jan 200910:03	–	debian
Debian CVE	CVE-2008-5394	9 Dec 200800:00	–	debiancve
Tenable Nessus	Debian DSA-1709-1 : shadow - race condition	21 Jan 200900:00	–	nessus
Tenable Nessus	GLSA-200903-24 : Shadow: Privilege escalation	11 Mar 200900:00	–	nessus
Tenable Nessus	Mandriva Linux Security Advisory : shadow-utils (MDVSA-2009:062)	23 Apr 200900:00	–	nessus
Tenable Nessus	Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : shadow vulnerability (USN-695-1)	23 Apr 200900:00	–	nessus
EUVD	EUVD-2008-5371	7 Oct 202500:30	–	euvd

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	6.06	any	login	1:4.0.13-7ubuntu3.4	login_1:4.0.13-7ubuntu3.4_any.deb
Ubuntu	7.10	any	login	1:4.0.18.1-9ubuntu0.2	login_1:4.0.18.1-9ubuntu0.2_any.deb
Ubuntu	8.04	any	login	1:4.0.18.2-1ubuntu2.2	login_1:4.0.18.2-1ubuntu2.2_any.deb
Ubuntu	8.10	any	login	1:4.1.1-1ubuntu1.2	login_1:4.1.1-1ubuntu1.2_any.deb

18 Dec 2008 01:18Current

5.5Medium risk

Vulners AI Score5.5

CVSS 27.2

EPSS0.00083

ubuntu login privilege escalation shadow vulnerability packages 8.10 8.04 7.10 6.06 race condition tty permissions local attacker system utmp file root privilege escalation unix