Executive Summary

Informations
Name CVE-2011-0721 First vendor Publication 2011-02-18
Vendor Cve Last vendor Modification 2017-08-17

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:P)
Cvss Base Score 6.4 Attack Range Network
Cvss Impact Score 4.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple CRLF injection vulnerabilities in (1) chfn and (2) chsh in shadow 1:4.1.4 allow local users to add new users or groups to /etc/passwd via the GECOS field.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0721

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12855
 
Oval ID: oval:org.mitre.oval:def:12855
Title: DSA-2164-1 shadow -- insufficient input sanitisation
Description: Kees Cook discovered that the chfn and chsh utilities do not properly sanitise user input that includes newlines. An attacker could use this to to corrupt passwd entries and may create users or groups in NIS environments. Packages in the oldstable distribution are not affected by this problem.
Family: unix Class: patch
Reference(s): DSA-2164-1
CVE-2011-0721
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): shadow
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13165
 
Oval ID: oval:org.mitre.oval:def:13165
Title: USN-1065-1 -- shadow vulnerability
Description: Kees Cook discovered that some shadow utilities did not correctly validate user input. A local attacker could exploit this flaw to inject newlines into the /etc/passwd file. If the system was configured to use NIS, this could lead to existing NIS groups or users gaining or losing access to the system, resulting in a denial of service or unauthorized access.
Family: unix Class: patch
Reference(s): USN-1065-1
CVE-2011-0721
Version: 5
Platform(s): Ubuntu 10.10
Ubuntu 9.10
Ubuntu 10.04
Product(s): shadow
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

OpenVAS Exploits

Date Description
2011-03-07 Name : Debian Security Advisory DSA 2164-1 (shadow)
File : nvt/deb_2164_1.nasl
2011-02-18 Name : Ubuntu Update for shadow vulnerability USN-1065-1
File : nvt/gb_ubuntu_USN_1065_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2011-086-03 shadow
File : nvt/esoft_slk_ssa_2011_086_03.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
70895 shadow chfn/chsh Utility GECOS Field CRLF Injection

shadow contains multiple CRLF injection vulnerabilities related to the 'chfn' and 'chsh' utilities failing to handle newlines characters properly. This may allow a local attacker to add new groups or users to the 'etc/passwd' file via the GECOS field.

Nessus® Vulnerability Scanner

Date Description
2014-12-15 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-09.nasl - Type : ACT_GATHER_INFO
2011-05-28 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2011-086-03.nasl - Type : ACT_GATHER_INFO
2011-02-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2164.nasl - Type : ACT_GATHER_INFO
2011-02-16 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1065-1.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/46426
DEBIAN http://www.debian.org/security/2011/dsa-2164
OSVDB http://osvdb.org/70895
SECUNIA http://secunia.com/advisories/42505
http://secunia.com/advisories/43345
SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2011&...
UBUNTU http://www.ubuntu.com/usn/USN-1065-1
VUPEN http://www.vupen.com/english/advisories/2011/0396
http://www.vupen.com/english/advisories/2011/0398
http://www.vupen.com/english/advisories/2011/0773
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/65564

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
Date Informations
2021-05-04 12:14:00
  • Multiple Updates
2021-04-22 01:15:10
  • Multiple Updates
2020-05-23 00:27:48
  • Multiple Updates
2017-08-17 09:23:18
  • Multiple Updates
2016-06-28 18:33:16
  • Multiple Updates
2016-04-26 20:33:02
  • Multiple Updates
2014-12-16 13:24:47
  • Multiple Updates
2014-02-17 11:00:30
  • Multiple Updates
2013-05-10 22:54:39
  • Multiple Updates