CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2012-5630
https://notcve.org/view.php?id=CVE-2012-5630
25 Nov 2019 — libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. libuser versiones 0.56 y 0.57, presenta una condición de carrera TOCTOU (de tiempo de comprobación y de tiempo de uso) cuando se copia y elimina árboles de directorios. • http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102068.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 15%CPEs: 7EXPL: 5CVE-2015-3245 – Libuser Library - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2015-3245
23 Jul 2015 — Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field. Vulnerabilidad de lista negra incompleta en la función chfn en libuser en versiones anteriores a 0.56.13-8 y 0.60 en versiones anteriores a 0.60-7, tal como se utiliza en el programa userhelp en el paquete usermode, permite a us... • https://packetstorm.news/files/id/147599 • CWE-20: Improper Input Validation CWE-138: Improper Neutralization of Special Elements •
CVSS: 7.8EPSS: 21%CPEs: 7EXPL: 5CVE-2015-3246 – Libuser Library - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2015-3246
23 Jul 2015 — libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges. Vulnerabilidad en libuser en versiones anteriores 0.56.13-8 y 0.60 en versiones anteriores a 0.60.7, tal como se utiliza en el programa userhelper en el paquete usermode, modif... • https://packetstorm.news/files/id/147599 • CWE-264: Permissions, Privileges, and Access Controls •