PT-2007-1504 · Linux · Linux-Pam

Published

2007-01-23

Updated

2017-07-29

CVE-2007-0003

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux-PAM version 0.99.7.0

Description The issue allows context-dependent attackers to log into accounts with incomplete password hashes. This affects accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters.

Recommendations For Linux-PAM version 0.99.7.0, update to a version that includes a fix for this issue to prevent unauthorized access to accounts with incomplete password hashes.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0003

Affected Products

Linux-Pam

PT-2007-1504 · Linux · Linux-Pam

CVE-2007-0003

Related Identifiers

Affected Products

References · 10