Debian shadow 4.0.18.1

CPE Details

Debian shadow 4.0.18.1
4.0.18.1
2008-12-09
17h34 +00:00
2008-12-09
17h34 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:debian:shadow:4.0.18.1:*:*:*:*:*:*:*

Informations

Vendor

debian

Product

shadow

Version

4.0.18.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2005-4890 2019-11-04 17h38 +00:00 There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.
7.8
Haute
CVE-2008-5394 2008-12-08 23h00 +00:00 /bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry.
7.2