Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2004-1001HistoryMar 01, 2005 - 5:00 a.m.
CVE-2004-1001
2005-03-0105:00:00
Debian Security Bug Tracker
security-tracker.debian.org
6
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
5.1%
Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | shadow | < 1:4.0.3-35 | shadow_1:4.0.3-35_all.deb |
| Debian | 11 | all | shadow | < 1:4.0.3-35 | shadow_1:4.0.3-35_all.deb |
| Debian | 999 | all | shadow | < 1:4.0.3-35 | shadow_1:4.0.3-35_all.deb |
| Debian | 13 | all | shadow | < 1:4.0.3-35 | shadow_1:4.0.3-35_all.deb |
Related
nessus
nessus
Mandrake Linux Security Advisory : shadow-utils (MDKSA-2004:126)
2004-11-05 00:00:00
GLSA-200411-09 : shadow: Unauthorized modification of account information
2004-11-05 00:00:00
Ubuntu 4.10 : passwd vulnerabilities (USN-17-1)
2006-01-15 00:00:00
debian
debian
[SECURITY] [DSA 585-1] New shadow packages fix unintended behaviour
2004-11-05 14:59:37
[SECURITY] [DSA 585-1] New shadow packages fix unintended behaviour
2004-11-05 14:59:37
openvas
openvas
Ubuntu: Security Advisory (USN-17-1)
2022-08-26 00:00:00
Gentoo Security Advisory GLSA 200411-09 (shadow)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200411-09 (shadow)
2008-09-24 00:00:00
ubuntucve
ubuntucve
CVE-2004-1001
2005-03-01 00:00:00
gentoo
gentoo
shadow: Unauthorized modification of account information
2004-11-04 00:00:00
cve
cve
CVE-2004-1001
2005-03-01 05:00:00
cvelist
cvelist
CVE-2004-1001
2004-11-04 05:00:00
nvd
nvd
CVE-2004-1001
2005-03-01 05:00:00
ubuntu
ubuntu
passwd vulnerability
2004-11-05 00:00:00
osv
osv
shadow - programming error
2004-11-05 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
5.1%
Related for DEBIANCVE:CVE-2004-1001