10 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-7041
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The pamuserdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute...
RHEL 6 : pam (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pam: path traversal issue in pamtimestamp's formattimestampname CVE-2014-2583 - The pamuserdb module for...
Security Bulletin: Vulnerability in pam affects IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems (CVE-2013-7041)
Summary IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter systems have addressed the following vulnerability in pam. Vulnerability Details Summary IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter systems have addressed the following vulnerabili...
Mageia: Security Advisory (MGASA-2015-0213)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1645-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : pam Multiple Vulnerabilities (NS-SA-2019-0198)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pam packages installed that are affected by multiple vulnerabilities: - pamunix.so in Linux-PAM 0.99.7.0 allows context- dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow,...
Security Bulletin: IBM Flex System Manager (FSM) is affected by a Pluggable Authentication Module (PAM) vulnerability (CVE-2013-7041)
Summary A security vulnerability was discovered in PAM that is embedded in the IBM FSM. This bulletin addresses this vulnerabilities. Vulnerability Details CVEID: CVE-2013-7041 DESCRIPTION: pamuserdb module for Pam could provide weaker than expected security, caused by an error in the strncasecmp...
GLSA-201605-05 : Linux-PAM: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201605-05 Linux-PAM: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Linux-PAM. Please review the CVE identifiers referenced below for details. Impact : Remote attackers could cause Denial of Service,...
Fedora Update for pam FEDORA-2014-16350
Check the version of pam SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868616";...
CVE-2013-7041
CVE-2013-7041 affects the Linux-PAM pam_userdb module, where a flaw in the password hash comparison (notably using case-insensitive comparison via strncasecmp) can enable brute-force credential guessing. Reported across multiple vendors (IBM FSM, Red Hat, SUSE, Debian/Ubuntu advisories) with low-...