Vulnerabilities > Debian > Shadow > 4.0.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-04 | CVE-2005-4890 | Improper Input Validation vulnerability in multiple products There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". | 7.2 |
2006-05-28 | CVE-2006-1174 | Permissions, Privileges, and Access Controls vulnerability in Debian Shadow useradd in shadow-utils before 4.0.3, and possibly other versions before 4.0.8, does not provide a required argument to the open function when creating a new user mailbox, which causes the mailbox to be created with unpredictable permissions and possibly allows attackers to read or modify the mailbox. | 3.7 |