Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-q4h8-6f3r-mvww

Опубликовано: 14 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.

EPSS

Процентиль: 94%
0.15421
Средний

Дефекты

CWE-20

Связанные уязвимости

ubuntu
около 10 лет назад

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.

redhat
около 10 лет назад

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.

nvd
около 10 лет назад

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a denial of service (/etc/passwd corruption) via a newline character in the GECOS field.

debian
около 10 лет назад

Incomplete blacklist vulnerability in the chfn function in libuser bef ...

oracle-oval
около 10 лет назад

ELSA-2015-1483: libuser security update (IMPORTANT)

EPSS

Процентиль: 94%
0.15421
Средний

Дефекты

CWE-20