Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Debian: 2164-1: shadow: insufficient input sanitiza

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Debian: 2164-1: shadow: insufficient input sanitiza
# 1  
Old 02-16-2011
Debian: 2164-1: shadow: insufficient input sanitiza
LinuxSecurity.com: Kees Cook discovered that the chfn and chsh utilities do not properly sanitize user input that includes newlines. An attacker could use this to to corrupt passwd entries and may create users or groups in NIS environments. [More...]

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Converting freebsd (5.2.1) master.passwd to Debian shadow

I'm trying to make this work, and it half works. Accounts with password hashes matching the old crypt(3) algorithm work just fine: JUpfW/w6jo6aw But accounts with longer password hashes preceded by $1$, such as the following, do not work: $1$iIcbppdP$HDyjJeVMGgJ.ovLsnjtTR.... (0 Replies)
Discussion started by: davidstvz
0 Replies

2. UNIX for Advanced & Expert Users

[Debian] Stop input from keyboard and mouse

Dear friends, I need to stop getting input from keyboard and mouse at some specific time like, every day from 6 PM to 7PM likewise. How can I do this. Kindly guide me to do this. I need to block the input. I am using Debian OS. (5 Replies)
Discussion started by: nagalenoj
5 Replies
Login or Register to Ask a Question

LEARN ABOUT SUSE

chsh

chsh(1) 						      General Commands Manual							   chsh(1)

NAME

       chsh - change login shell

SYNOPSIS

       chsh [-D binddn] [-P path] [-s shell] [-l] [-q] [-u] [-v] [user]

DESCRIPTION

       chsh  is  used  to  change  the	user login shell.  A normal user may only change the login shell for their own account, the super user may
       change the login shell for any account.

       If a shell is not given on the command line, chsh operates in an interactive fashion, prompting the user  with  the  current  login  shell.
       Enter  the  new	value  to change the field, or leave the line blank to use the current value. Enter none to remove the current value.  The
       current value is displayed between a pair of [ ] marks.

       The only restrictions placed on the login shell is that the command name must be listed in /etc/shells, unless the invoker  is  the  super-
       user, and then any value may be added.  An account with a restricted login shell may not change their login shell.

       This version of chsh is able to change the shell of local, NIS, NIS+ and LDAP accounts , if the permissions allow it.

OPTIONS

       -D, --binddn binddn
	      Use  the	Distinguished  Name binddn to bind to the LDAP directory.  The user will be prompted for a password for simple authentica-
	      tion.

       -P, --path path
	      The passwd file is located below the specified directory path. chsh will use this files, not /etc/passwd.  This is useful for  exam-
	      ple  on  NIS master servers, where you do not want to give all users in the NIS database automatic access to your NIS server and the
	      NIS map is build from special files.

       -s, --shell
	      Specify your login shell.

       -l, --list-shells
	      Print the list of shells listed in /etc/shells and exit.

       -q, --quite
	      Don't be verbose.

       -u, --usage
	      Print a usage message and exit.

	   --help
	      Print a more verbose help text and exit.

       -v, --version
	      Print version information and exit.

FILES

       /etc/passwd - user account information
       /etc/shells - list of valid login shells

SEE ALSO

       chfn(1), passwd(5), shells(5)

AUTHOR

       Thorsten Kukuk <kukuk@suse.de>

pwdutils							   February 2004							   chsh(1)