Computer Security
[EN] securityvulns.ru no-pyccku


passwd / shadow vulnerabilities
updated since 17.02.2011
Published:18.02.2011
Source:
SecurityVulns ID:11444
Type:local
Threat Level:
5/10
Description:It's possible to inject newlines into /etc/passwd
Affected:DEBIAN : passwd 4.1
CVE:CVE-2011-0721 (Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2164-1] shadow security update (17.02.2011)
 documentUBUNTU, [USN-1065-1] shadow vulnerability (17.02.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod