shadow software vulnerabilities
vulnerabilities.aspcode.net
Searching shadow software vulnerabilities
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.
PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.
Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allow remote attackers to execute arbitrary commands via certain form fields.
chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user (userid) field.
mod-auth-shadow 1.4 and earlier does not properly enforce the expiration of a user account and password, which could allow remote authenticated users to bypass intended access restrictions.
Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
Cross-site scripting (XSS) vulnerability in YaBB 1 Gold(SP1.3) and YaBB SE 1.5.1 Final allows remote attackers to inject arbitrary web script via the background:url property in (1) glow or (2) shadow tags.
Multiple games developed by FUN labs, including 4X4 Off-road Adventure III, Big Game Hunter, Dangerous Hunts, Deer Hunt, Revolution, Secret Service, Shadow Force, and US Most Wanted, allow remote attackers to cause a denial of service via an empty UDP packet to the server, which cannot detect that a new packet has arrived using the socket ioctl.
Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users.
The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions.
The shadow database feature (syncshadowdb) in Bugzilla 2.9 through 2.16.10 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox.
The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges.
The (1) shadow password file in na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has world readable permissions, which allows local users to view encrypted passwords; and the (2) NetAccess database file has world readable and writable permissions, which allows local users to view sensitive information and modify data.
The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to cause a denial of service (hang) by calling the MrxSmbCscIoctlCloseForCopyChunk with the file handle of the shadow device, which results in a deadlock, aka the "SMB Invalid Handle Vulnerability."
passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits.
PHP remote file inclusion vulnerability in includes/functions_portal.php in Premod Shadow 2.7.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Pedro Lineu Orso chetcpasswd 2.4.1 and earlier verifies and updates user accounts via custom code that processes /etc/shadow and does not follow the PAM configuration, which might allow remote attackers to bypass intended restrictions implemented through PAM.
pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters.
Directory traversal vulnerability in the BlueCat Networks Proteus IPAM appliance 2.0.2.0 (Adonis DNS/DHCP appliance 5.0.2.8) allows remote authenticated administrators, with certain TFTP privileges, to create and overwrite arbitrary files via a .. (dot dot) in a pathname. NOTE: this can be leveraged for administrative access by overwriting /etc/shadow.
Software vulnerabilities results 1 to 20 of 25