{"uuid": "9e2dbcee-6274-485b-b004-7074f9c74b69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29383", "type": "seen", "source": "https://t.me/arpsyndicate/184", "content": "#ExploitObserverAlert\n\nCVE-2023-29383\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2023-29383. In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \\n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \\r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that \"cat /etc/passwd\" shows a rogue user account.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 1.4\nNVD-ES: 1.8", "creation_timestamp": "2023-11-17T02:53:33.000000Z"}