CVE-2004-0653

2004-08-06T04:00:00
ID CVE-2004-0653
Type cve
Reporter cve@mitre.org
Modified 2017-10-11T01:29:00

Description

Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files.