Vulnerabilities > Debian > Shadow > 4.0.14
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-04 | CVE-2005-4890 | Improper Input Validation vulnerability in multiple products There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". | 7.2 |
| 2006-04-19 | CVE-2006-1844 | Unspecified vulnerability in Debian Base-Config and Shadow The Debian installer for the (1) shadow 4.0.14 and (2) base-config 2.53.10 packages includes sensitive information in world-readable log files, including preseeded passwords and pppoeconf passwords, which might allow local users to gain privileges. | 2.1 |