CVE Vulnerabilities

CVE-2004-1001

Published: Mar 01, 2005 | Modified: Aug 11, 2020
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.

Affected Software

Name Vendor Start Version End Version
Shadow Debian 4.0.4.1 (including) 4.0.4.1 (including)
Shadow Ubuntu dapper *
Shadow Ubuntu devel *
Shadow Ubuntu edgy *
Shadow Ubuntu feisty *

References