Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-0721
HistoryFeb 15, 2011 - 12:00 a.m.

CVE-2011-0721

2011-02-1500:00:00
ubuntu.com
ubuntu.com
7

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.004 Low

EPSS

Percentile

74.4%

JSON

Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow
1:4.1.4 allow local users to add new users or groups to /etc/passwd via the
GECOS field.

Notes

Author Note
kees introduce in the upstream 4.1.2 changes https://alioth.debian.org/scm/viewvc.php?view=rev&root=pkg-shadow&revision=1978
OSVersionArchitecturePackageVersionFilename
ubuntu9.10noarchshadow< 1:4.1.4.1-1ubuntu2.2UNKNOWN
ubuntu10.04noarchshadow< 1:4.1.4.2-1ubuntu2.2UNKNOWN
ubuntu10.10noarchshadow< 1:4.1.4.2-1ubuntu3.2UNKNOWN

Related

slackware 1
openvas 7
prion 1
debian 1
nessus 4
securityvulns 3
osv 1
ubuntu 1
cve 1
debiancve 1
gentoo 1
slackware
slackware
[slackware-security] shadow
2011-03-27 23:18:49
openvas
openvas
Debian Security Advisory DSA 2164-1 (shadow)
2011-03-07 00:00:00
Ubuntu Update for shadow vulnerability USN-1065-1
2011-02-18 00:00:00
Slackware Advisory SSA:2011-086-03 shadow
2012-09-11 00:00:00
prion
prion
Crlf injection
2011-02-19 01:00:00
debian
debian
[SECURITY] [DSA 2164-1] shadow security update
2011-02-16 00:02:15
nessus
nessus
Slackware 13.1 / current : shadow (SSA:2011-086-03)
2011-05-28 00:00:00
Ubuntu 9.10 / 10.04 LTS / 10.10 : shadow vulnerability (USN-1065-1)
2011-02-16 00:00:00
Debian DSA-2164-1 : shadow - insufficient input sanitization
2011-02-20 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2164-1] shadow security update
2011-02-17 00:00:00
[USN-1065-1] shadow vulnerability
2011-02-17 00:00:00
passwd / shadow vulnerabilities
2011-02-18 00:00:00
osv
osv
shadow - missing input sanitization
2011-02-16 00:00:00
ubuntu
ubuntu
shadow vulnerability
2011-02-15 00:00:00
cve
cve
CVE-2011-0721
2011-02-19 01:00:00
debiancve
debiancve
CVE-2011-0721
2011-02-19 01:00:00
gentoo
gentoo
Multiple packages, Multiple vulnerabilities fixed in 2011
2014-12-11 00:00:00

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.004 Low

EPSS

Percentile

74.4%

JSON
Related for UB:CVE-2011-0721
slackware1openvas7prion1debian1nessus4securityvulns3osv1ubuntu1cve1debiancve1gentoo1