PT-2004-3289 · Passwd · Passwd

Steve Grubb

Published

2004-12-31

Updated

2017-07-11

CVE-2004-2396

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: passwd version 0.68

Description: The issue is related to the pam start function, where the return code is not checked, potentially preventing safe and proper operation of PAM. The impact and attack vectors of this issue are unknown.

Recommendations: For passwd version 0.68, consider implementing a check for the return code of the pam start function as a mitigation measure until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2396

Affected Products

Passwd

PT-2004-3289 · Passwd · Passwd

CVE-2004-2396

Related Identifiers

Affected Products

References · 5