Unrated severityNVD Advisory· Published Jul 28, 2010· Updated Apr 29, 2026
CVE-2010-0833
CVE-2010-0833
Description
The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, as used in HP StorageWorks X9000 Network Storage Systems and possibly other products, uses "SetPassword logic" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired.
Affected products
3- cpe:2.3:a:likewise:likewise_cifs:5.4:*:*:*:*:*:*:*
cpe:2.3:a:likewise:likewise_open:5.4:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:likewise:likewise_open:5.4:*:*:*:*:*:*:*
- cpe:2.3:a:likewise:likewise_open:6.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.likewise.com/community/index.php/forums/viewthread/772/nvdPatchVendor Advisory
- secunia.com/advisories/40725nvdVendor Advisory
- secunia.com/advisories/40736nvdVendor Advisory
- secunia.com/advisories/43244nvdVendor Advisory
- www.vupen.com/english/advisories/2010/1913nvdVendor Advisory
- www.vupen.com/english/advisories/2011/0312nvdVendor Advisory
- marc.infonvd
- www.securityfocus.com/archive/1/512643/100/0/threadednvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/USN-964-1nvd
News mentions
0No linked articles in our index yet.