Shodan
Vulnerabilities
Vulnerable Software
Debian:  >> Shadow  Security Vulnerabilities
CVE-2017-20002
The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges.
CVSS Score
7.8
EPSS Score
0.001
Published
2021-03-17
CVE-2013-4235
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
CVSS Score
4.7
EPSS Score
0.001
Published
2019-12-03
CVE-2005-4890
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-11-04
CVE-2011-0721
Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.
CVSS Score
6.4
EPSS Score
0.014
Published
2011-02-19
CVE-2008-5394
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.
CVSS Score
7.2
EPSS Score
0.001
Published
2008-12-09
CVE-2006-1174
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
CVSS Score
3.7
EPSS Score
0.001
Published
2006-05-28
CVE-2006-1844
The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.
CVSS Score
2.1
EPSS Score
0.001
Published
2006-04-19
CVE-2004-1001
Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
CVSS Score
4.6
EPSS Score
0.001
Published
2005-03-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved