5 matches found
EUVD-2004-0999
Malware in sbrugna...
CVE-2004-1001
Unknown vulnerability in the passwdcheck function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pamchauthtok function call is not properly handled...
CVE-2004-1001
Unknown vulnerability in the passwdcheck function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pamchauthtok function call is not properly handled...
CVE-2004-1001
CVE-2004-1001 affects Shadow’s passwd_check in version 4.0.4.1 (and possibly earlier than 4.0.5). A local user can perform unauthorized activities when an error from pam_chauthtok is not properly handled. The issue is local in scope with partial confidentiality/integrity/availability impact as pe...
shadow: Unauthorized modification of account information
Background shadow provides a set of utilities to deal with user accounts. Description Martin Schulze reported a flaw in the passwdcheck function in "libmisc/pwdcheck.c" which is used by chfn and chsh. Impact A logged-in local user with an expired password may be able to use chfn and chsh to chang...