PT-2004-3289 · Passwd · Passwd

Steve Grubb

Publicado

2004-12-31

Atualizado

2017-07-11

CVE-2004-2396

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: passwd version 0.68

Description: The issue is related to the pam start function, where the return code is not checked, potentially preventing safe and proper operation of PAM. The impact and attack vectors of this issue are unknown.

Recommendations: For passwd version 0.68, consider implementing a check for the return code of the pam start function as a mitigation measure until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2004-2396

Produtos afetados

Passwd

PT-2004-3289 · Passwd · Passwd

CVE-2004-2396

Identificadores relacionados

Produtos afetados

Referências · 5