Fluid Attacks Database

Description

The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok_secure configuration). This notably affects environments such as virtual machines automatically generated with a default blank root password, allowing all local users to escalate privileges.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	shadow	>=0 <1:4.5-1	1:4.5-1
debian 11	shadow	>=0 <1:4.5-1	1:4.5-1
debian 12	shadow	>=0 <1:4.5-1	1:4.5-1
debian 13	shadow	>=0 <1:4.5-1	1:4.5-1

Aliases

1. CVE-2017-200022. NVD-2017-200023. OSV-DEBIAN-2017-200024. OSV-2017-200025. SECURITY-TRACKER-CVE-2017-20002

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.