Computer Security
[EN] securityvulns.ru no-pyccku


pam unauthorized access
Published:24.01.2007
Source:
SecurityVulns ID:7104
Type:remote
Threat Level:
5/10
Description:Any password is accepted if password hash contains some set of characters.
Affected:PAM : pam 0.99
CVE:CVE-2007-0003 (pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters.)
Original documentdocumentSECUNIA, [SA23858] Linux-PAM Login Bypass Security Vulnerability (24.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod