CVE-2023-29383

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-29383

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29383.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-29383

Related

Published

2023-04-14T22:15:07Z

Modified

2025-04-18T21:56:50.432407Z

Downstream

DLA-4130-1

Severity

3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although it is not possible to exploit this directly (e.g., adding a new user fails because \n is in the block list), it is possible to misrepresent the /etc/passwd file when viewed. Use of \r manipulations and Unicode characters to work around blocking of the : character make it possible to give the impression that a new user has been added. In other words, an adversary may be able to convince a system administrator to take the system offline (an indirect, social-engineered denial of service) by demonstrating that "cat /etc/passwd" shows a rogue user account.

References

Affected packages

Debian:11 / shadow

Package

Name: shadow
Purl: pkg:deb/debian/shadow?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:4.8.1-1+deb11u1

Affected versions

1:4.*

1:4.8.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / shadow

Package

Name: shadow
Purl: pkg:deb/debian/shadow?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:4.*

1:4.13+dfsg1-1

1:4.13+dfsg1-2

1:4.13+dfsg1-3

1:4.13+dfsg1-4

1:4.13+dfsg1-5

1:4.15.1-1

1:4.15.2-1

1:4.15.2-2

1:4.15.2-3

1:4.15.3-1

1:4.15.3-2

1:4.15.3-3

1:4.16.0-1

1:4.16.0-2

1:4.16.0-3

1:4.16.0-4

1:4.16.0-5

1:4.16.0-6

1:4.16.0-7

1:4.17.0~rc1-1

1:4.17.0~rc1-2

1:4.17.0-1

1:4.17.1-1

1:4.17.1-2

1:4.17.2-1

1:4.17.2-2

1:4.17.2-3

1:4.17.2-4

1:4.17.2-5

1:4.17.2-5+hurd.1

1:4.17.2-6

1:4.17.3-1

1:4.17.3-2

1:4.17.3-3

1:4.17.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / shadow

Package

Name: shadow
Purl: pkg:deb/debian/shadow?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:4.13+dfsg1-2

Affected versions

1:4.*

1:4.13+dfsg1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/shadow-maint/shadow

Affected ranges

Type: GIT
Repo: https://github.com/shadow-maint/shadow
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e5905c4b84d4fb90aefcd96ee618411ebfac663d

Fixed

e5905c4b84d4fb90aefcd96ee618411ebfac663d

Affected versions

4.*

4.10

4.12

4.12.1

4.12.2

4.13

4.2.1

4.3.0

4.3.1

4.4

4.5

4.6

4.7

4.8

4.8.1

4.9

v4.*

v4.10

v4.11.1

v4.9