Seth-Arnold

**Name of the Vulnerable Software and Affected Versions** IPPUSBXD versions prior to 1.22 **Description** The issue allows remote attackers to obtain access to USB connected printers via a direct request, as IPPUSBXD listens on all interfaces. **Recommendations** For versions prior to 1.22, update to version 1.22 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** shadow versions prior to 4.5 **Description** The issue is related to the newusers tool in the shadow utility, which can be manipulated with malformed input, leading to crashes or unspecified behaviors due to buffer overflow or memory corruption. This can cross a privilege boundary, particularly in web-hosting environments where an unprivileged user can create subaccounts through a Control Panel. The exploitation of this issue may allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For shadow versions prior to 4.5, consider restricting access to the newusers tool to prevent unintended manipulation of internal data structures until a fixed version is available. As a temporary workaround, limit the creation of subaccounts in web-hosting environments to minimize the risk of exploitation.