|
|
CVE Reference: CVE-2008-1946 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-1946 |
|
|
Description: The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/43993 ST 1020552 SAID Secunia Advisory: SA31225 REDHAT http://rhn.redhat.com/errata/RHSA-2008-0780.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10029 BID 30363 |
|
| Return to the previous page. |
