22 matches found
SUSE SLED15 / SLES15 Security Update : apparmor (SUSE-SU-2025:01511-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01511-1 advisory. - Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This...
SUSE-SU-2025:01511-1 Security update for apparmor
This update for apparmor fixes the following issues: - Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...
SUSE-SU-2025:1549-1 Security update for apparmor
This update for apparmor fixes the following issues: - Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678...
SUSE SLES15: apache2-mod_apparmor / apparmor-abstractions / apparmor-docs / etc (SUSE-SU-2025:1512-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1512-1 advisory. - Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the...
SUSE SLES15: apache2-mod_apparmor / apparmor-abstractions / apparmor-docs / etc (SUSE-SU-2025:1505-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1505-1 advisory. - Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the...
SUSE SLED15: apache2-mod_apparmor / apparmor-abstractions / apparmor-docs / etc (SUSE-SU-2025:1511-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1511-1 advisory. - Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000...
SUSE-SU-2025:1517-1 Security update for apparmor
This update for apparmor fixes the following issues: - Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...
SUSE-SU-2025:1512-1 Security update for apparmor
This update for apparmor fixes the following issues: - Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678...
SUSE-SU-2025:1511-1 Security update for apparmor
This update for apparmor fixes the following issues: - Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678...
Security update for apparmor
This update for apparmor fixes the following issues: Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678 Patch Instructions: To install this SUSE update use the SUSE...
SUSE-SU-2025:1505-1 Security update for apparmor
This update for apparmor fixes the following issues: - Add dacreadsearch capability for unixchkpwd to allow it to read the shadow file even if it has 000 permissions. This is needed after the CVE-2024-10041 fix in PAM. bsc1241678...
RHEL 5 : pam (RHSA-2007:0555)
Updated pam packages that fix two security flaws, resolve several bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...
Moderate: Red Hat Security Advisory: pam security, bug fix, and enhancement update
Updated pam packages that fix two security flaws, resolve several bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...
CVE-2005-2977
The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unixchkpwd, which does not log failed guesses or delay its responses...
CVE-2005-2977
The CVE-2005-2977 issue affects the SELinux-enabled PAM, specifically PAM before 0.78 r3. The unix_chkpwd helper can be misused by a local attacker to brute-force check passwords without logging failed attempts or delaying responses, enabling partial disclosure risk (confidentiality impact) on lo...
CVE-2005-2977
The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unixchkpwd, which does not log failed guesses or delay its responses...
SELinux PAM passwords bruteforcing
There is no delay or logging for invalid password in unixchkpwd utility...
Fedora Core 4 : pam-0.79-9.6 (2005-1031)
This update fixes a security bug in unixchkpwd allowing brute-force attacks against passwords in /etc/shadow by a regular user when SELinux is enabled. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempte...