Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    16 vulnerabilities found for shadow by debian

    CVE-2017-20002 (GCVE-0-2017-20002)

    Vulnerability from cvelistv5 – Published: 2021-03-17 06:00 – Updated: 2024-08-05 21:45
    VLAI
    Summary
    The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:45:24.409Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877374"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957"
              },
              {
                "name": "[debian-lts-announce] 20210317 [SECURITY] [DLA 2596-1] shadow security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00020.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM\u0027s nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-03-18T03:57:29.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877374"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957"
            },
            {
              "name": "[debian-lts-announce] 20210317 [SECURITY] [DLA 2596-1] shadow security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00020.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2017-20002",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM\u0027s nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877374",
                  "refsource": "MISC",
                  "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877374"
                },
                {
                  "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957",
                  "refsource": "MISC",
                  "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957"
                },
                {
                  "name": "[debian-lts-announce] 20210317 [SECURITY] [DLA 2596-1] shadow security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00020.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2017-20002",
        "datePublished": "2021-03-17T06:00:09.000Z",
        "dateReserved": "2021-03-17T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:45:24.409Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4235 (GCVE-0-2013-4235)

    Vulnerability from cvelistv5 – Published: 2019-12-03 00:00 – Updated: 2024-08-06 16:38
    VLAI
    Summary
    shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
    Severity
    No CVSS data available.
    CWE
    • race conditions by copying and removing directory trees
    Assigner
    Impacted products
    Vendor Product Version
    shadow shadow Affected: 1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:38:01.619Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2013-4235"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2013-4235"
              },
              {
                "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
              },
              {
                "name": "GLSA-202210-26",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202210-26"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "shadow",
              "vendor": "shadow",
              "versions": [
                {
                  "status": "affected",
                  "version": "1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "race conditions by copying and removing directory trees",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-31T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://security-tracker.debian.org/tracker/CVE-2013-4235"
            },
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235"
            },
            {
              "url": "https://access.redhat.com/security/cve/cve-2013-4235"
            },
            {
              "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
            },
            {
              "name": "GLSA-202210-26",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202210-26"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-4235",
        "datePublished": "2019-12-03T00:00:00.000Z",
        "dateReserved": "2013-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:38:01.619Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-4890 (GCVE-0-2005-4890)

    Vulnerability from cvelistv5 – Published: 2019-11-04 18:38 – Updated: 2024-08-08 00:01
    VLAI
    Summary
    There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.
    Severity
    No CVSS data available.
    CWE
    • tty hijacking possible in "su" via TIOCSTI ioctl
    Assigner
    Impacted products
    Vendor Product Version
    Red Hat shadow Affected: 4.x before 4.1.5
    Create a notification for this product.
    Red Hat sudo Affected: 1.x before 1.7.4
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:01:23.403Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/12/15/5"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2005-4890"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2005-4890"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2005-4890"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/11/06/8"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/05/20/3"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/11/28/10"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/11/29/5"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/10/20/9"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/10/21/1"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/02/25/6"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "shadow",
              "vendor": "Red Hat",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.x before 4.1.5"
                }
              ]
            },
            {
              "product": "sudo",
              "vendor": "Red Hat",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.x before 1.7.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via \"su - user -c program\". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "tty hijacking possible in \"su\" via TIOCSTI ioctl",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-04T18:38:09.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/12/15/5"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2005-4890"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2005-4890"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://access.redhat.com/security/cve/cve-2005-4890"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/11/06/8"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/05/20/3"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/11/28/10"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/11/29/5"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/10/20/9"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/10/21/1"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/02/25/6"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2005-4890",
        "datePublished": "2019-11-04T18:38:09.000Z",
        "dateReserved": "2011-12-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:01:23.403Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0721 (GCVE-0-2011-0721)

    Vulnerability from cvelistv5 – Published: 2011-02-18 23:00 – Updated: 2024-08-06 22:05
    VLAI
    Summary
    Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2011/0398 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2011/0773 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/43345 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2011/dsa-2164 vendor-advisoryx_refsource_DEBIAN
    http://www.ubuntu.com/usn/USN-1065-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2011/0396 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/70895 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/46426 vdb-entryx_refsource_BID
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://secunia.com/advisories/42505 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2011-02-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:05:53.410Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2011-0398",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0398"
              },
              {
                "name": "ADV-2011-0773",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0773"
              },
              {
                "name": "43345",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43345"
              },
              {
                "name": "DSA-2164",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2011/dsa-2164"
              },
              {
                "name": "USN-1065-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1065-1"
              },
              {
                "name": "ADV-2011-0396",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0396"
              },
              {
                "name": "shadow-chfnchsh-crlf-injection(65564)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65564"
              },
              {
                "name": "70895",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/70895"
              },
              {
                "name": "46426",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46426"
              },
              {
                "name": "SSA:2011-086-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.380014"
              },
              {
                "name": "42505",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42505"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-02-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "name": "ADV-2011-0398",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0398"
            },
            {
              "name": "ADV-2011-0773",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0773"
            },
            {
              "name": "43345",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43345"
            },
            {
              "name": "DSA-2164",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2011/dsa-2164"
            },
            {
              "name": "USN-1065-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1065-1"
            },
            {
              "name": "ADV-2011-0396",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0396"
            },
            {
              "name": "shadow-chfnchsh-crlf-injection(65564)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65564"
            },
            {
              "name": "70895",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/70895"
            },
            {
              "name": "46426",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46426"
            },
            {
              "name": "SSA:2011-086-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.380014"
            },
            {
              "name": "42505",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42505"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "ID": "CVE-2011-0721",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2011-0398",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0398"
                },
                {
                  "name": "ADV-2011-0773",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0773"
                },
                {
                  "name": "43345",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43345"
                },
                {
                  "name": "DSA-2164",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2011/dsa-2164"
                },
                {
                  "name": "USN-1065-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-1065-1"
                },
                {
                  "name": "ADV-2011-0396",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0396"
                },
                {
                  "name": "shadow-chfnchsh-crlf-injection(65564)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65564"
                },
                {
                  "name": "70895",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/70895"
                },
                {
                  "name": "46426",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46426"
                },
                {
                  "name": "SSA:2011-086-03",
                  "refsource": "SLACKWARE",
                  "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.380014"
                },
                {
                  "name": "42505",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42505"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2011-0721",
        "datePublished": "2011-02-18T23:00:00.000Z",
        "dateReserved": "2011-02-01T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:05:53.410Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5394 (GCVE-0-2008-5394)

    Vulnerability from cvelistv5 – Published: 2008-12-09 00:00 – Updated: 2024-08-07 10:49
    VLAI
    Summary
    /bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/52200 vdb-entryx_refsource_OSVDB
    http://bugs.debian.org/505271 x_refsource_CONFIRM
    http://www.securityfocus.com/bid/32552 vdb-entryx_refsource_BID
    http://bugs.debian.org/332198 x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://security.gentoo.org/glsa/glsa-200903-24.xml vendor-advisoryx_refsource_GENTOO
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/498769/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/7313 exploitx_refsource_EXPLOIT-DB
    http://securityreason.com/securityalert/4695 third-party-advisoryx_refsource_SREASON
    http://bugs.debian.org/505071 x_refsource_CONFIRM
    http://www.ubuntu.com/usn/usn-695-1 vendor-advisoryx_refsource_UBUNTU
    Date Public
    2008-11-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:49:12.898Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "52200",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/52200"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/505271"
              },
              {
                "name": "32552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/32552"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/332198"
              },
              {
                "name": "debian-login-symlink(47037)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47037"
              },
              {
                "name": "GLSA-200903-24",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200903-24.xml"
              },
              {
                "name": "MDVSA-2009:062",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:062"
              },
              {
                "name": "20081130 /bin/login gives root to group utmp",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/498769/100/0/threaded"
              },
              {
                "name": "7313",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/7313"
              },
              {
                "name": "4695",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4695"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/505071"
              },
              {
                "name": "USN-695-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-695-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-11-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "52200",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/52200"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/505271"
            },
            {
              "name": "32552",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/32552"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/332198"
            },
            {
              "name": "debian-login-symlink(47037)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47037"
            },
            {
              "name": "GLSA-200903-24",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200903-24.xml"
            },
            {
              "name": "MDVSA-2009:062",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:062"
            },
            {
              "name": "20081130 /bin/login gives root to group utmp",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/498769/100/0/threaded"
            },
            {
              "name": "7313",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/7313"
            },
            {
              "name": "4695",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4695"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/505071"
            },
            {
              "name": "USN-695-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-695-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5394",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "52200",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/52200"
                },
                {
                  "name": "http://bugs.debian.org/505271",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/505271"
                },
                {
                  "name": "32552",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/32552"
                },
                {
                  "name": "http://bugs.debian.org/332198",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/332198"
                },
                {
                  "name": "debian-login-symlink(47037)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47037"
                },
                {
                  "name": "GLSA-200903-24",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200903-24.xml"
                },
                {
                  "name": "MDVSA-2009:062",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:062"
                },
                {
                  "name": "20081130 /bin/login gives root to group utmp",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/498769/100/0/threaded"
                },
                {
                  "name": "7313",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/7313"
                },
                {
                  "name": "4695",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4695"
                },
                {
                  "name": "http://bugs.debian.org/505071",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/505071"
                },
                {
                  "name": "USN-695-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/usn-695-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5394",
        "datePublished": "2008-12-09T00:00:00.000Z",
        "dateReserved": "2008-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:49:12.898Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1174 (GCVE-0-2006-1174)

    Vulnerability from cvelistv5 – Published: 2006-05-28 23:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://secunia.com/advisories/25098 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/25894 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2007-04… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2007/3229 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/25267 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2007-02… vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/18111 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1018221 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/25629 third-party-advisoryx_refsource_SECUNIA
    http://cvs.pld.org.pl/shadow/NEWS?rev=1.109 x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/312692 third-party-advisoryx_refsource_CERT-VN
    http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/25896 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/468336/100… mailing-listx_refsource_BUGTRAQ
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/26909 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/27706 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/2006 vdb-entryx_refsource_VUPEN
    https://issues.rpath.com/browse/RPL-1357 x_refsource_CONFIRM
    http://secunia.com/advisories/20506 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/20370 third-party-advisoryx_refsource_SECUNIA
    ftp://patches.sgi.com/support/free/security/advis… vendor-advisoryx_refsource_SGI
    Date Public
    2006-05-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.515Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
              },
              {
                "name": "25098",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25098"
              },
              {
                "name": "25894",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25894"
              },
              {
                "name": "RHSA-2007:0431",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
              },
              {
                "name": "ADV-2007-3229",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3229"
              },
              {
                "name": "25267",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25267"
              },
              {
                "name": "RHSA-2007:0276",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
              },
              {
                "name": "18111",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18111"
              },
              {
                "name": "1018221",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018221"
              },
              {
                "name": "25629",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25629"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
              },
              {
                "name": "shadow-utils-useradd-file-permission(26958)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
              },
              {
                "name": "VU#312692",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/312692"
              },
              {
                "name": "GLSA-200606-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
              },
              {
                "name": "25896",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25896"
              },
              {
                "name": "20070511 rPSA-2007-0096-1 shadow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
              },
              {
                "name": "MDKSA-2006:090",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
              },
              {
                "name": "oval:org.mitre.oval:def:10807",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
              },
              {
                "name": "26909",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26909"
              },
              {
                "name": "27706",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27706"
              },
              {
                "name": "ADV-2006-2006",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2006"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-1357"
              },
              {
                "name": "20506",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20506"
              },
              {
                "name": "20370",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20370"
              },
              {
                "name": "20070602-01-P",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
            },
            {
              "name": "25098",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25098"
            },
            {
              "name": "25894",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25894"
            },
            {
              "name": "RHSA-2007:0431",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
            },
            {
              "name": "ADV-2007-3229",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3229"
            },
            {
              "name": "25267",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25267"
            },
            {
              "name": "RHSA-2007:0276",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
            },
            {
              "name": "18111",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18111"
            },
            {
              "name": "1018221",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018221"
            },
            {
              "name": "25629",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25629"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
            },
            {
              "name": "shadow-utils-useradd-file-permission(26958)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
            },
            {
              "name": "VU#312692",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/312692"
            },
            {
              "name": "GLSA-200606-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
            },
            {
              "name": "25896",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25896"
            },
            {
              "name": "20070511 rPSA-2007-0096-1 shadow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
            },
            {
              "name": "MDKSA-2006:090",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
            },
            {
              "name": "oval:org.mitre.oval:def:10807",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
            },
            {
              "name": "26909",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26909"
            },
            {
              "name": "27706",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27706"
            },
            {
              "name": "ADV-2006-2006",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2006"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-1357"
            },
            {
              "name": "20506",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20506"
            },
            {
              "name": "20370",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20370"
            },
            {
              "name": "20070602-01-P",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2006-1174",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
                },
                {
                  "name": "25098",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25098"
                },
                {
                  "name": "25894",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25894"
                },
                {
                  "name": "RHSA-2007:0431",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
                },
                {
                  "name": "ADV-2007-3229",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3229"
                },
                {
                  "name": "25267",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25267"
                },
                {
                  "name": "RHSA-2007:0276",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
                },
                {
                  "name": "18111",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18111"
                },
                {
                  "name": "1018221",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018221"
                },
                {
                  "name": "25629",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25629"
                },
                {
                  "name": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109",
                  "refsource": "CONFIRM",
                  "url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
                },
                {
                  "name": "shadow-utils-useradd-file-permission(26958)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
                },
                {
                  "name": "VU#312692",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/312692"
                },
                {
                  "name": "GLSA-200606-02",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
                },
                {
                  "name": "25896",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25896"
                },
                {
                  "name": "20070511 rPSA-2007-0096-1 shadow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
                },
                {
                  "name": "MDKSA-2006:090",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
                },
                {
                  "name": "oval:org.mitre.oval:def:10807",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
                },
                {
                  "name": "26909",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26909"
                },
                {
                  "name": "27706",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27706"
                },
                {
                  "name": "ADV-2006-2006",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2006"
                },
                {
                  "name": "https://issues.rpath.com/browse/RPL-1357",
                  "refsource": "CONFIRM",
                  "url": "https://issues.rpath.com/browse/RPL-1357"
                },
                {
                  "name": "20506",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20506"
                },
                {
                  "name": "20370",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20370"
                },
                {
                  "name": "20070602-01-P",
                  "refsource": "SGI",
                  "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2006-1174",
        "datePublished": "2006-05-28T23:00:00.000Z",
        "dateReserved": "2006-03-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.515Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1844 (GCVE-0-2006-1844)

    Vulnerability from cvelistv5 – Published: 2006-04-19 16:00 – Updated: 2024-09-16 16:19
    VLAI
    Summary
    The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939 x_refsource_CONFIRM
    http://www.osvdb.org/23922 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/19170 third-party-advisoryx_refsource_SECUNIA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:27:29.560Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939"
              },
              {
                "name": "23922",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/23922"
              },
              {
                "name": "19170",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19170"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-04-19T16:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939"
            },
            {
              "name": "23922",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/23922"
            },
            {
              "name": "19170",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19170"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1844",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939"
                },
                {
                  "name": "23922",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/23922"
                },
                {
                  "name": "19170",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19170"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1844",
        "datePublished": "2006-04-19T16:00:00.000Z",
        "dateReserved": "2006-04-19T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:19:03.495Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1001 (GCVE-0-2004-1001)

    Vulnerability from cvelistv5 – Published: 2004-11-04 05:00 – Updated: 2024-08-08 00:38
    VLAI
    Summary
    Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/13028 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2004/dsa-585 vendor-advisoryx_refsource_DEBIAN
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-10-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:38:59.702Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "13028",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/13028"
              },
              {
                "name": "DSA-585",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-585"
              },
              {
                "name": "CLA-2004:894",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000894"
              },
              {
                "name": "shadow-pwdcheck-modify-account(17902)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17902"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-10-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "13028",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/13028"
            },
            {
              "name": "DSA-585",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-585"
            },
            {
              "name": "CLA-2004:894",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000894"
            },
            {
              "name": "shadow-pwdcheck-modify-account(17902)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17902"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1001",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "13028",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/13028"
                },
                {
                  "name": "DSA-585",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-585"
                },
                {
                  "name": "CLA-2004:894",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000894"
                },
                {
                  "name": "shadow-pwdcheck-modify-account(17902)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17902"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1001",
        "datePublished": "2004-11-04T05:00:00.000Z",
        "dateReserved": "2004-11-02T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:38:59.702Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-20002 (GCVE-0-2017-20002)

    Vulnerability from nvd – Published: 2021-03-17 06:00 – Updated: 2024-08-05 21:45
    VLAI
    Summary
    The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T21:45:24.409Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877374"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957"
              },
              {
                "name": "[debian-lts-announce] 20210317 [SECURITY] [DLA 2596-1] shadow security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00020.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM\u0027s nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-03-18T03:57:29.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877374"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957"
            },
            {
              "name": "[debian-lts-announce] 20210317 [SECURITY] [DLA 2596-1] shadow security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00020.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2017-20002",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM\u0027s nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877374",
                  "refsource": "MISC",
                  "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877374"
                },
                {
                  "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957",
                  "refsource": "MISC",
                  "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957"
                },
                {
                  "name": "[debian-lts-announce] 20210317 [SECURITY] [DLA 2596-1] shadow security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00020.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2017-20002",
        "datePublished": "2021-03-17T06:00:09.000Z",
        "dateReserved": "2021-03-17T00:00:00.000Z",
        "dateUpdated": "2024-08-05T21:45:24.409Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4235 (GCVE-0-2013-4235)

    Vulnerability from nvd – Published: 2019-12-03 00:00 – Updated: 2024-08-06 16:38
    VLAI
    Summary
    shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
    Severity
    No CVSS data available.
    CWE
    • race conditions by copying and removing directory trees
    Assigner
    Impacted products
    Vendor Product Version
    shadow shadow Affected: 1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:38:01.619Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2013-4235"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2013-4235"
              },
              {
                "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
              },
              {
                "name": "GLSA-202210-26",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202210-26"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "shadow",
              "vendor": "shadow",
              "versions": [
                {
                  "status": "affected",
                  "version": "1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "race conditions by copying and removing directory trees",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-31T00:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "url": "https://security-tracker.debian.org/tracker/CVE-2013-4235"
            },
            {
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235"
            },
            {
              "url": "https://access.redhat.com/security/cve/cve-2013-4235"
            },
            {
              "name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
            },
            {
              "name": "GLSA-202210-26",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202210-26"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-4235",
        "datePublished": "2019-12-03T00:00:00.000Z",
        "dateReserved": "2013-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:38:01.619Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-4890 (GCVE-0-2005-4890)

    Vulnerability from nvd – Published: 2019-11-04 18:38 – Updated: 2024-08-08 00:01
    VLAI
    Summary
    There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.
    Severity
    No CVSS data available.
    CWE
    • tty hijacking possible in "su" via TIOCSTI ioctl
    Assigner
    Impacted products
    Vendor Product Version
    Red Hat shadow Affected: 4.x before 4.1.5
    Create a notification for this product.
    Red Hat sudo Affected: 1.x before 1.7.4
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:01:23.403Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/12/15/5"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://security-tracker.debian.org/tracker/CVE-2005-4890"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2005-4890"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/security/cve/cve-2005-4890"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/11/06/8"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/05/20/3"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/11/28/10"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/11/29/5"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/10/20/9"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2014/10/21/1"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2016/02/25/6"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "shadow",
              "vendor": "Red Hat",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.x before 4.1.5"
                }
              ]
            },
            {
              "product": "sudo",
              "vendor": "Red Hat",
              "versions": [
                {
                  "status": "affected",
                  "version": "1.x before 1.7.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via \"su - user -c program\". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "tty hijacking possible in \"su\" via TIOCSTI ioctl",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-11-04T18:38:09.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/12/15/5"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://security-tracker.debian.org/tracker/CVE-2005-4890"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2005-4890"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://access.redhat.com/security/cve/cve-2005-4890"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/11/06/8"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/05/20/3"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/11/28/10"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/11/29/5"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/10/20/9"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2014/10/21/1"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2016/02/25/6"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2005-4890",
        "datePublished": "2019-11-04T18:38:09.000Z",
        "dateReserved": "2011-12-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:01:23.403Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0721 (GCVE-0-2011-0721)

    Vulnerability from nvd – Published: 2011-02-18 23:00 – Updated: 2024-08-06 22:05
    VLAI
    Summary
    Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2011/0398 vdb-entryx_refsource_VUPEN
    http://www.vupen.com/english/advisories/2011/0773 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/43345 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2011/dsa-2164 vendor-advisoryx_refsource_DEBIAN
    http://www.ubuntu.com/usn/USN-1065-1 vendor-advisoryx_refsource_UBUNTU
    http://www.vupen.com/english/advisories/2011/0396 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://osvdb.org/70895 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/46426 vdb-entryx_refsource_BID
    http://slackware.com/security/viewer.php?l=slackw… vendor-advisoryx_refsource_SLACKWARE
    http://secunia.com/advisories/42505 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2011-02-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:05:53.410Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2011-0398",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0398"
              },
              {
                "name": "ADV-2011-0773",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0773"
              },
              {
                "name": "43345",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43345"
              },
              {
                "name": "DSA-2164",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2011/dsa-2164"
              },
              {
                "name": "USN-1065-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/USN-1065-1"
              },
              {
                "name": "ADV-2011-0396",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0396"
              },
              {
                "name": "shadow-chfnchsh-crlf-injection(65564)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65564"
              },
              {
                "name": "70895",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/70895"
              },
              {
                "name": "46426",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/46426"
              },
              {
                "name": "SSA:2011-086-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SLACKWARE",
                  "x_transferred"
                ],
                "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.380014"
              },
              {
                "name": "42505",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42505"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-02-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "name": "ADV-2011-0398",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0398"
            },
            {
              "name": "ADV-2011-0773",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0773"
            },
            {
              "name": "43345",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43345"
            },
            {
              "name": "DSA-2164",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2011/dsa-2164"
            },
            {
              "name": "USN-1065-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1065-1"
            },
            {
              "name": "ADV-2011-0396",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0396"
            },
            {
              "name": "shadow-chfnchsh-crlf-injection(65564)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65564"
            },
            {
              "name": "70895",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/70895"
            },
            {
              "name": "46426",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/46426"
            },
            {
              "name": "SSA:2011-086-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_SLACKWARE"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.380014"
            },
            {
              "name": "42505",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42505"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "ID": "CVE-2011-0721",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2011-0398",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0398"
                },
                {
                  "name": "ADV-2011-0773",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0773"
                },
                {
                  "name": "43345",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43345"
                },
                {
                  "name": "DSA-2164",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2011/dsa-2164"
                },
                {
                  "name": "USN-1065-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/USN-1065-1"
                },
                {
                  "name": "ADV-2011-0396",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0396"
                },
                {
                  "name": "shadow-chfnchsh-crlf-injection(65564)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65564"
                },
                {
                  "name": "70895",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/70895"
                },
                {
                  "name": "46426",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/46426"
                },
                {
                  "name": "SSA:2011-086-03",
                  "refsource": "SLACKWARE",
                  "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.380014"
                },
                {
                  "name": "42505",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42505"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2011-0721",
        "datePublished": "2011-02-18T23:00:00.000Z",
        "dateReserved": "2011-02-01T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:05:53.410Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5394 (GCVE-0-2008-5394)

    Vulnerability from nvd – Published: 2008-12-09 00:00 – Updated: 2024-08-07 10:49
    VLAI
    Summary
    /bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/52200 vdb-entryx_refsource_OSVDB
    http://bugs.debian.org/505271 x_refsource_CONFIRM
    http://www.securityfocus.com/bid/32552 vdb-entryx_refsource_BID
    http://bugs.debian.org/332198 x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://security.gentoo.org/glsa/glsa-200903-24.xml vendor-advisoryx_refsource_GENTOO
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/archive/1/498769/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/7313 exploitx_refsource_EXPLOIT-DB
    http://securityreason.com/securityalert/4695 third-party-advisoryx_refsource_SREASON
    http://bugs.debian.org/505071 x_refsource_CONFIRM
    http://www.ubuntu.com/usn/usn-695-1 vendor-advisoryx_refsource_UBUNTU
    Date Public
    2008-11-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:49:12.898Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "52200",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/52200"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/505271"
              },
              {
                "name": "32552",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/32552"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/332198"
              },
              {
                "name": "debian-login-symlink(47037)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47037"
              },
              {
                "name": "GLSA-200903-24",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200903-24.xml"
              },
              {
                "name": "MDVSA-2009:062",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:062"
              },
              {
                "name": "20081130 /bin/login gives root to group utmp",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/498769/100/0/threaded"
              },
              {
                "name": "7313",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/7313"
              },
              {
                "name": "4695",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/4695"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/505071"
              },
              {
                "name": "USN-695-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "http://www.ubuntu.com/usn/usn-695-1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-11-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "52200",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/52200"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/505271"
            },
            {
              "name": "32552",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/32552"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/332198"
            },
            {
              "name": "debian-login-symlink(47037)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47037"
            },
            {
              "name": "GLSA-200903-24",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200903-24.xml"
            },
            {
              "name": "MDVSA-2009:062",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:062"
            },
            {
              "name": "20081130 /bin/login gives root to group utmp",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/498769/100/0/threaded"
            },
            {
              "name": "7313",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/7313"
            },
            {
              "name": "4695",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/4695"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/505071"
            },
            {
              "name": "USN-695-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "http://www.ubuntu.com/usn/usn-695-1"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5394",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "52200",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/52200"
                },
                {
                  "name": "http://bugs.debian.org/505271",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/505271"
                },
                {
                  "name": "32552",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/32552"
                },
                {
                  "name": "http://bugs.debian.org/332198",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/332198"
                },
                {
                  "name": "debian-login-symlink(47037)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47037"
                },
                {
                  "name": "GLSA-200903-24",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200903-24.xml"
                },
                {
                  "name": "MDVSA-2009:062",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:062"
                },
                {
                  "name": "20081130 /bin/login gives root to group utmp",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/498769/100/0/threaded"
                },
                {
                  "name": "7313",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/7313"
                },
                {
                  "name": "4695",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/4695"
                },
                {
                  "name": "http://bugs.debian.org/505071",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/505071"
                },
                {
                  "name": "USN-695-1",
                  "refsource": "UBUNTU",
                  "url": "http://www.ubuntu.com/usn/usn-695-1"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5394",
        "datePublished": "2008-12-09T00:00:00.000Z",
        "dateReserved": "2008-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:49:12.898Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1174 (GCVE-0-2006-1174)

    Vulnerability from nvd – Published: 2006-05-28 23:00 – Updated: 2024-08-07 17:03
    VLAI
    Summary
    useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://secunia.com/advisories/25098 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/25894 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2007-04… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2007/3229 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/25267 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2007-02… vendor-advisoryx_refsource_REDHAT
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/18111 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1018221 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/25629 third-party-advisoryx_refsource_SECUNIA
    http://cvs.pld.org.pl/shadow/NEWS?rev=1.109 x_refsource_CONFIRM
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.kb.cert.org/vuls/id/312692 third-party-advisoryx_refsource_CERT-VN
    http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/25896 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/468336/100… mailing-listx_refsource_BUGTRAQ
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/26909 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/27706 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/2006 vdb-entryx_refsource_VUPEN
    https://issues.rpath.com/browse/RPL-1357 x_refsource_CONFIRM
    http://secunia.com/advisories/20506 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/20370 third-party-advisoryx_refsource_SECUNIA
    ftp://patches.sgi.com/support/free/security/advis… vendor-advisoryx_refsource_SGI
    Date Public
    2006-05-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:03:28.515Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
              },
              {
                "name": "25098",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25098"
              },
              {
                "name": "25894",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25894"
              },
              {
                "name": "RHSA-2007:0431",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
              },
              {
                "name": "ADV-2007-3229",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3229"
              },
              {
                "name": "25267",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25267"
              },
              {
                "name": "RHSA-2007:0276",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
              },
              {
                "name": "18111",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18111"
              },
              {
                "name": "1018221",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018221"
              },
              {
                "name": "25629",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25629"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
              },
              {
                "name": "shadow-utils-useradd-file-permission(26958)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
              },
              {
                "name": "VU#312692",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/312692"
              },
              {
                "name": "GLSA-200606-02",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
              },
              {
                "name": "25896",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25896"
              },
              {
                "name": "20070511 rPSA-2007-0096-1 shadow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
              },
              {
                "name": "MDKSA-2006:090",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
              },
              {
                "name": "oval:org.mitre.oval:def:10807",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
              },
              {
                "name": "26909",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/26909"
              },
              {
                "name": "27706",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27706"
              },
              {
                "name": "ADV-2006-2006",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/2006"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://issues.rpath.com/browse/RPL-1357"
              },
              {
                "name": "20506",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20506"
              },
              {
                "name": "20370",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20370"
              },
              {
                "name": "20070602-01-P",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SGI",
                  "x_transferred"
                ],
                "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
            },
            {
              "name": "25098",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25098"
            },
            {
              "name": "25894",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25894"
            },
            {
              "name": "RHSA-2007:0431",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
            },
            {
              "name": "ADV-2007-3229",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3229"
            },
            {
              "name": "25267",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25267"
            },
            {
              "name": "RHSA-2007:0276",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
            },
            {
              "name": "18111",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18111"
            },
            {
              "name": "1018221",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018221"
            },
            {
              "name": "25629",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25629"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
            },
            {
              "name": "shadow-utils-useradd-file-permission(26958)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
            },
            {
              "name": "VU#312692",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/312692"
            },
            {
              "name": "GLSA-200606-02",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
            },
            {
              "name": "25896",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25896"
            },
            {
              "name": "20070511 rPSA-2007-0096-1 shadow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
            },
            {
              "name": "MDKSA-2006:090",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
            },
            {
              "name": "oval:org.mitre.oval:def:10807",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
            },
            {
              "name": "26909",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/26909"
            },
            {
              "name": "27706",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27706"
            },
            {
              "name": "ADV-2006-2006",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/2006"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://issues.rpath.com/browse/RPL-1357"
            },
            {
              "name": "20506",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20506"
            },
            {
              "name": "20370",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20370"
            },
            {
              "name": "20070602-01-P",
              "tags": [
                "vendor-advisory",
                "x_refsource_SGI"
              ],
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cert@cert.org",
              "ID": "CVE-2006-1174",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
                },
                {
                  "name": "25098",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25098"
                },
                {
                  "name": "25894",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25894"
                },
                {
                  "name": "RHSA-2007:0431",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0431.html"
                },
                {
                  "name": "ADV-2007-3229",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3229"
                },
                {
                  "name": "25267",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25267"
                },
                {
                  "name": "RHSA-2007:0276",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2007-0276.html"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-249.htm"
                },
                {
                  "name": "18111",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18111"
                },
                {
                  "name": "1018221",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018221"
                },
                {
                  "name": "25629",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25629"
                },
                {
                  "name": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109",
                  "refsource": "CONFIRM",
                  "url": "http://cvs.pld.org.pl/shadow/NEWS?rev=1.109"
                },
                {
                  "name": "shadow-utils-useradd-file-permission(26958)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26958"
                },
                {
                  "name": "VU#312692",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/312692"
                },
                {
                  "name": "GLSA-200606-02",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml"
                },
                {
                  "name": "25896",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25896"
                },
                {
                  "name": "20070511 rPSA-2007-0096-1 shadow",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/468336/100/0/threaded"
                },
                {
                  "name": "MDKSA-2006:090",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:090"
                },
                {
                  "name": "oval:org.mitre.oval:def:10807",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10807"
                },
                {
                  "name": "26909",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/26909"
                },
                {
                  "name": "27706",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27706"
                },
                {
                  "name": "ADV-2006-2006",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/2006"
                },
                {
                  "name": "https://issues.rpath.com/browse/RPL-1357",
                  "refsource": "CONFIRM",
                  "url": "https://issues.rpath.com/browse/RPL-1357"
                },
                {
                  "name": "20506",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20506"
                },
                {
                  "name": "20370",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20370"
                },
                {
                  "name": "20070602-01-P",
                  "refsource": "SGI",
                  "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2006-1174",
        "datePublished": "2006-05-28T23:00:00.000Z",
        "dateReserved": "2006-03-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:03:28.515Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1844 (GCVE-0-2006-1844)

    Vulnerability from nvd – Published: 2006-04-19 16:00 – Updated: 2024-09-16 16:19
    VLAI
    Summary
    The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939 x_refsource_CONFIRM
    http://www.osvdb.org/23922 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/19170 third-party-advisoryx_refsource_SECUNIA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:27:29.560Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939"
              },
              {
                "name": "23922",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/23922"
              },
              {
                "name": "19170",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19170"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-04-19T16:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939"
            },
            {
              "name": "23922",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/23922"
            },
            {
              "name": "19170",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19170"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-1844",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356939"
                },
                {
                  "name": "23922",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/23922"
                },
                {
                  "name": "19170",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/19170"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-1844",
        "datePublished": "2006-04-19T16:00:00.000Z",
        "dateReserved": "2006-04-19T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:19:03.495Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-1001 (GCVE-0-2004-1001)

    Vulnerability from nvd – Published: 2004-11-04 05:00 – Updated: 2024-08-08 00:38
    VLAI
    Summary
    Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/13028 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2004/dsa-585 vendor-advisoryx_refsource_DEBIAN
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-10-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:38:59.702Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "13028",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/13028"
              },
              {
                "name": "DSA-585",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2004/dsa-585"
              },
              {
                "name": "CLA-2004:894",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000894"
              },
              {
                "name": "shadow-pwdcheck-modify-account(17902)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17902"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-10-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "13028",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/13028"
            },
            {
              "name": "DSA-585",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2004/dsa-585"
            },
            {
              "name": "CLA-2004:894",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000894"
            },
            {
              "name": "shadow-pwdcheck-modify-account(17902)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17902"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-1001",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "13028",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/13028"
                },
                {
                  "name": "DSA-585",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2004/dsa-585"
                },
                {
                  "name": "CLA-2004:894",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000894"
                },
                {
                  "name": "shadow-pwdcheck-modify-account(17902)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17902"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-1001",
        "datePublished": "2004-11-04T05:00:00.000Z",
        "dateReserved": "2004-11-02T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:38:59.702Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }