|
|
CVE Reference: CVE-2005-2977 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-2977 |
|
|
Description: The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses. |
|
|
CVE Status: Candidate |
|
|
References: ST 1015111 SAID Secunia Advisory: SA17365 Secunia Advisory: SA17346 Secunia Advisory: SA17350 Secunia Advisory: SA17352 REDHAT http://www.redhat.com/support/errata/RHSA-2005-805.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10193 MISC GENTOO http://www.gentoo.org/security/en/glsa/glsa-200510-22.xml CONFIRM http://cvs.sourceforge.net/viewcvs.py/pam/Linux-PAM/NEWS?rev=1.6&view=markup BID 15217 |
|
| Return to the previous page. |
