PT-2007-1504 · Linux · Linux-Pam

Publicado

2007-01-23

Atualizado

2017-07-29

CVE-2007-0003

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux-PAM version 0.99.7.0

Description The issue allows context-dependent attackers to log into accounts with incomplete password hashes. This affects accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters.

Recommendations For Linux-PAM version 0.99.7.0, update to a version that includes a fix for this issue to prevent unauthorized access to accounts with incomplete password hashes.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-0003

Produtos afetados

Linux-Pam

PT-2007-1504 · Linux · Linux-Pam

CVE-2007-0003

Identificadores relacionados

Produtos afetados

Referências · 10