VYPR

Linux Pam

by Linux Pam

Source repositories

CVEs (23)

  • CVE-2009-0579Apr 16, 2009
    risk 0.00cvss epss 0.00

    Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.

  • CVE-2009-0887Mar 12, 2009
    risk 0.00cvss epss 0.02

    Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to…

  • CVE-2007-0003Jan 23, 2007
    risk 0.00cvss epss 0.00

    pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters.

Page 2 of 2