
CVE-2018-16588
https://notcve.org/view.php?id=CVE-2018-16588
26 Sep 2018 — Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate directories are created with mode 0777 during user creation. Given that they are world-writable, local attackers might use this for privilege escalation and other unspecified attacks. NOTE: this would affect non-SUSE users who took useradd.c code from a 2... • http://lists.opensuse.org/opensuse-security-announce/2018-09/msg00073.html • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVE-2017-12424 – Ubuntu Security Notice USN-5254-1
https://notcve.org/view.php?id=CVE-2017-12424
04 Aug 2017 — In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts. • https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756630 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2016-6252 – Gentoo Linux Security Advisory 201706-02
https://notcve.org/view.php?id=CVE-2016-6252
17 Feb 2017 — Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. USN-3276-1 intended to fix a vulnerability in su. The solution introduced a regression in su signal handling. This update modifies the security fix. • http://www.debian.org/security/2017/dsa-3793 • CWE-190: Integer Overflow or Wraparound •