RSS   Vulnerabilities for 'PAM'   RSS

2005-11-01
 
CVE-2005-2977

 

 
The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.

 
2002-10-28
 
CVE-2002-1227

 

 
PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users.

 
1998-12-01
 
CVE-1999-0342

 

 
Linux PAM modules allow local users to gain root access using temporary files.

 


Copyright 2024, cxsecurity.com

 

Back to Top