Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2396

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2004-2396
Last Modified 05 Sep 2008 04:44:01
Published 31 Dec 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-2396

Summary

passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.

Vulnerable Systems


References

XF - passwd-pamstart-improper-validation(16179)

BID - 10370

MANDRAKE - MDKSA-2004:045

MISC - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060


Last Updated: 27 May 2016 10:39:28