Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Debian: 2164-1: shadow: insufficient input sanitiza

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Debian: 2164-1: shadow: insufficient input sanitiza
# 1  
Old 02-16-2011
Debian: 2164-1: shadow: insufficient input sanitiza
LinuxSecurity.com: Kees Cook discovered that the chfn and chsh utilities do not properly sanitize user input that includes newlines. An attacker could use this to to corrupt passwd entries and may create users or groups in NIS environments. [More...]

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

2 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Converting freebsd (5.2.1) master.passwd to Debian shadow

I'm trying to make this work, and it half works. Accounts with password hashes matching the old crypt(3) algorithm work just fine: JUpfW/w6jo6aw But accounts with longer password hashes preceded by $1$, such as the following, do not work: $1$iIcbppdP$HDyjJeVMGgJ.ovLsnjtTR.... (0 Replies)
Discussion started by: davidstvz
0 Replies

2. UNIX for Advanced & Expert Users

[Debian] Stop input from keyboard and mouse

Dear friends, I need to stop getting input from keyboard and mouse at some specific time like, every day from 6 PM to 7PM likewise. How can I do this. Kindly guide me to do this. I need to block the input. I am using Debian OS. (5 Replies)
Discussion started by: nagalenoj
5 Replies
Login or Register to Ask a Question