#VU32061 Buffer overflow in shadow - CVE-2017-12424

Cybersecurity Help s.r.o.

Published: 2017-08-04 | Updated: 2020-07-28

Vulnerability identifier: #VU32061

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-12424

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
shadow
Universal components / Libraries / Libraries used by multiple products

Vendor: Mark Florian

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed input may lead to crashes (with a buffer overflow or other memory corruption) or other unspecified behaviors. This crosses a privilege boundary in, for example, certain web-hosting environments in which a Control Panel allows an unprivileged user account to create subaccounts.

Mitigation
Install update from vendor's website.

Vulnerable software versions

shadow: 4.0.0 - 4.4.0

External links
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756630
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1266675
https://github.com/shadow-maint/shadow/commit/954e3d2e7113e9ac06632aee3c69b8d818cc8952
https://security.gentoo.org/glsa/201710-16

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Cloud Foundry cflinuxfs3

Ubuntu update for shadow

Buffer overflow in shadow (Alpine package)

Gentoo update for Shadow

Buffer overflow in shadow