Lucene search

K
cve[email protected]CVE-2004-2396
HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2396

2004-12-3105:00:00
NVD-CWE-Other
web.nvd.nist.gov
17
cve-2004-2396
passwd 0.68
pam_start
pam operations
security vulnerability

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

23.2%

passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent β€œsafe and proper operation” of PAM.

7.1 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

23.2%

Related for CVE-2004-2396