EUVD-2013-6841

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2013-7041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The pamuserdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute...

RHEL 6 : pam (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pam: path traversal issue in pamtimestamp's formattimestampname CVE-2014-2583 - The pamuserdb module for...

SUSE CVE-2013-7041

The pamuserdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack...

Mageia: Security Advisory (MGASA-2015-0213)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2935-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : PAM vulnerabilities (USN-2935-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2935-1 advisory. It was discovered that the PAM pamuserdb module incorrectly used a case-insensitive method when comparing hashed passwords. A local attacker could possib...

USN-2935-1 pam vulnerabilities

It was discovered that the PAM pamuserdb module incorrectly used a case-insensitive method when comparing hashed passwords. A local attacker could possibly use this issue to make brute force attacks easier. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2013-7041 Sebastian...

OracleVM 3.3 : pam (OVMSA-2015-0117)

The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-3238 - DoS due to blocking pipe with very long password - make pampwhistory and pamunix tolerant of opasswd file corruption - pamuserdb: allow any crypt hash algorithm to be used 1119289 ...

MGASA-2015-0213 Updated pam packages fix security vulnerabilities

Updated pam packages fix security vulnerabilities: The pamuserdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack CVE-2013-7041. Multiple directory traversal vulnerabilities in...

Amazon Linux AMI : pam (ALAS-2014-354)

Multiple directory traversal vulnerabilities in pamtimestamp.c in the pamtimestamp module for Linux-PAM aka pam 1.1.8 allow local users to create aribitrary files or possibly bypass authentication via a .. dot dot in the 1 PAMRUSER value to the getruser function or 2 PAMTTY value to the checktty...

CVE-2013-7041

The pamuserdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack...

CVE-2013-7041

The pamuserdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack...

Design/Logic Flaw

The pamuserdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack...

CVE-2013-7041

CVE-2013-7041 affects the Linux-PAM pam_userdb module, where a flaw in the password hash comparison (notably using case-insensitive comparison via strncasecmp) can enable brute-force credential guessing. Reported across multiple vendors (IBM FSM, Red Hat, SUSE, Debian/Ubuntu advisories) with low-...

UBUNTU-CVE-2013-7041

The pamuserdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack...

CVE-2013-7041

The pamuserdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack...