Back to search
CVE-2017-20002
Published: Mar 17, 2021
Modified: Aug 5, 2024
PUBLISHED
Description
The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877374
x_refsource_MISC
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914957
x_refsource_MISC
[debian-lts-announce] 20210317 [SECURITY] [DLA 2596-1] shadow security update
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now