) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- CPE Product Version: cpe:/a:debian:shadow:-
There are 2 matching records.
Displaying matches 1 through 2.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2013-4235 |
shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees Published: December 03, 2019; 10:15:10 AM -0500 |
V3.1: 4.7 MEDIUM V2.0: 3.3 LOW |
| CVE-2006-1174 |
useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox. Published: May 28, 2006; 7:02:00 PM -0400 |
V3.x:(not available) V2.0: 3.7 LOW |