VYPR
Unrated severityNVD Advisory· Published Nov 1, 2005· Updated Jun 16, 2026

CVE-2005-2977

CVE-2005-2977

Description

The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Linux Pam/Pam2 versions
    cpe:2.3:a:pam:pam:*:*:selinux:*:*:*:*:*+ 1 more
    • cpe:2.3:a:pam:pam:*:*:selinux:*:*:*:*:*range: <=0.80
    • (no CPE)range: <0.78r3

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.