Debian Shadow 4.0.7

CPE Details

Debian Shadow 4.0.7
debian
shadow
4.0.7
2020-08-11
15h07 +00:00
2020-08-11
15h07 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:debian:shadow:4.0.7:*:*:*:*:*:*:*

Informations

Vendor

debian

Product

shadow

Version

4.0.7

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2005-4890 2019-11-04 17h38 +00:00 There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.
7.8
Haute
CVE-2006-1174 2006-05-28 21h00 +00:00 useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
3.7