VYPR

Shadow

by W Shadow

CVEs (9)

  • CVE-2017-12424 Cri Aug 4, 2017
    risk 0.64 cvss 9.8 epss 0.03

    In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege…

  • CVE-2020-20982 Cri Nov 3, 2021
    risk 0.63 cvss 9.6 epss 0.06

    Cross Site Scripting (XSS) vulnerability in shadoweb wdja v1.5.1, allows attackers to execute arbitrary code and gain escalated privileges, via the backurl parameter to /php/passport/index.php.

  • CVE-2016-6252 Hig Feb 17, 2017
    risk 0.51 cvss 7.8 epss 0.00

    Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap.

  • CVE-2005-4890 Hig Nov 4, 2019
    risk 0.44 cvss 7.8 epss 0.01

    There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.

  • CVE-2020-21658 Med Oct 6, 2021
    risk 0.42 cvss 6.5 epss 0.00

    A Cross-Site Request Forgery (CSRF) in WDJA CMS v1.5.2 allows attackers to arbitrarily add administrator accounts via a crafted URL.

  • CVE-2020-23631 Med Jan 11, 2021
    risk 0.40 cvss 6.1 epss 0.00

    Cross-site request forgery (CSRF) in admin/global/manage.php in WDJA CMS 1.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via the tongji parameter.

  • CVE-2013-4235 Med Dec 3, 2019
    risk 0.31 cvss 4.7 epss 0.00

    shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees

  • CVE-2023-29383 Low Apr 14, 2023
    risk 0.00 cvss 3.3 epss 0.00

    In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the…

  • CVE-2011-0721 Feb 19, 2011
    risk 0.00 cvss epss 0.02

    Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.