VULHUB ™

ShadowJAAS is prone to a design error that may cause user credentials to be disclosed to other local users. Vulnerable versions of ShadowJAAS require that username and password credentials are passed via the command line instead of through standard input when a user authenticates. As a result, this information may be accessible to other local users through various means.

ShadowJAAS is prone to a design error that may cause user credentials to be disclosed to other local users. Vulnerable versions of ShadowJAAS require that username and password credentials are passed via the command line instead of through standard input when a user authenticates. As a result, this information may be accessible to other local users through various means.