CVE-2019-16110
https://notcve.org/view.php?id=CVE-2019-16110
The network protocol of Blade Shadow though 2.13.3 allows remote attackers to take control of a Shadow instance and execute arbitrary code by only knowing the victim's IP address, because packet data can be injected into the unencrypted UDP packet stream. El protocolo de red de Blade Shadow, versiones hasta la versión 2.13.3, permite a los atacantes remotos tomar el control de una instancia Shadow y ejecutar código arbitrario solo conociendo la dirección IP de la víctima, porque los datos del paquete pueden ser inyectados en el flujo de paquetes UDP no cifrados. • https://sigint.sh/#/cve-2019-16110 •
CVE-2018-16588
https://notcve.org/view.php?id=CVE-2018-16588
Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate directories are created with mode 0777 during user creation. Given that they are world-writable, local attackers might use this for privilege escalation and other unspecified attacks. NOTE: this would affect non-SUSE users who took useradd.c code from a 2014-04-02 upstream pull request; however, no non-SUSE distribution is known to be affected. Puede ocurrir un escalado de privilegios en el código SUSE useradd en useradd.c, tal y como se distribuye en el paquete SUSE shadow hasta la versión 4.2.1-27.9.1 para SUSE Linux Enterprise 12 (SLE-12) y hasta la versión 4.5-5.39 para SUSE Linux Enterprise 15 (SLE-15). • http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00073.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2017-12424
https://notcve.org/view.php?id=CVE-2017-12424
In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts. En las versiones de Shadow anteriores a la 4.5, la herramienta newusers podría utilizarse para manipular estructuras de datos internas de formas no permitidas por los desarrolladores. Las entradas manipuladas podrían llevar a caídas (con un desbordamiento de búfer u otros tipos de corrupción de memoria) o a otro tipo de comportamiento sin especificar. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756630 https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1266675 https://github.com/shadow-maint/shadow/commit/954e3d2e7113e9ac06632aee3c69b8d818cc8952 https://lists.debian.org/debian-lts-announce/2021/03/msg00020.html https://security.gentoo.org/glsa/201710-16 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0721
https://notcve.org/view.php?id=CVE-2011-0721
Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field. Múltiples vulnerabilidades de inyección CRLF en (1) chfn y (2) chsh sobre shadow 1:4.1.4 permiten agregar nuevos usuarios o grupos a /etc/passwd a los usuarios locales a través del campo GECOS. • http://osvdb.org/70895 http://secunia.com/advisories/42505 http://secunia.com/advisories/43345 http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.380014 http://www.debian.org/security/2011/dsa-2164 http://www.securityfocus.com/bid/46426 http://www.ubuntu.com/usn/USN-1065-1 http://www.vupen.com/english/advisories/2011/0396 http://www.vupen.com/english/advisories/2011/0398 http://www.vupen.com/english/advisories/2011/0773 https:& • CWE-20: Improper Input Validation •
CVE-2006-1174
https://notcve.org/view.php?id=CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox. • ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc http://cvs.pld.org.pl/shadow/NEWS?rev=1.109 http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://secunia.com/advisories/20370 http://secunia.com/advisories/20506 http://secunia.com/advisories/25098 http://secunia.com/advisories/25267 http://secunia.com/advisories/25629 http://secunia.com/advisories/25894 http://secunia.com/advisories/25896 http://secunia.com/advisories • CWE-264: Permissions, Privileges, and Access Controls •