Vulnerabilities > Debian > Shadow > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-04 | CVE-2005-4890 | Improper Input Validation vulnerability in multiple products There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". | 7.2 |
| 2008-12-09 | CVE-2008-5394 | Link Following vulnerability in Debian Shadow 4.0.18.1 /bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry. | 7.2 |