Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0885

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2015-0885
Last Modified 24 Sep 2015 12:46:37
Published 27 Feb 2015 09:59:35
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-0885

Summary

checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a -- (dash dash) in a username.

Vulnerable Systems

Operating System

  • Debian Linux 7.0

Application

  • Checkpw Project Checkpw 1.02


References

JVNDB - JVNDB-2015-000032

JVN - JVN#34790526

CONFIRM - http://jvn.jp/en/jp/JVN34790526/995575/index.html

CONFIRM - http://checkpw.sourceforge.net/checkpw/changes.txt

DEBIAN - DSA-3192


Last Updated: 27 May 2016 11:09:55