CVE Vulnerabilities

CVE-2002-1227

Published: Oct 28, 2002 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users.

Affected Software

Name Vendor Start Version End Version
Pam Pam 0.76 0.76

References