CVE-2023-29383

Name of the Vulnerable Software and Affected Versions Shadow version 4.13

Description The issue is related to insufficient neutralization of special elements in a request, which can be exploited to impact data integrity. In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID program chfn (change finger). Although direct exploitation is not possible due to block lists, an adversary can misrepresent the /etc/passwd file when viewed. By using r manipulations and Unicode characters to work around blocking of the : character, it is possible to give the impression that a new user has been added. This could lead to a social-engineered denial of service, where a system administrator takes the system offline after being convinced that a rogue user account exists.

Recommendations For Shadow version 4.13, consider disabling the chfn function until a patch is available to prevent potential manipulation of the /etc/passwd file. Restrict access to the chfn program to minimize the risk of exploitation. Avoid using the chfn program to modify user accounts until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.