Debian Shadow 4.0.4.1

CPE Details

Debian Shadow 4.0.4.1
debian
shadow
4.0.4.1
2020-08-11
15h07 +00:00
2020-08-11
15h07 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:debian:shadow:4.0.4.1:*:*:*:*:*:*:*

Informations

Vendor

debian

Product

shadow

Version

4.0.4.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2005-4890 2019-11-04 17h38 +00:00 There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.
7.8
High
CVE-2006-1174 2006-05-28 21h00 +00:00 useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
3.7
CVE-2004-1001 2004-11-04 04h00 +00:00 Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
4.6