CVE-2009-0579
N/A
N/A
Summary
Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/34728
- https://bugzilla.redhat.com/show_bug.cgi?id=487216
- https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html
- https://www.redhat.com/archives/pam-list/2009-March/msg00006.html
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514437
- https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html
- http://secunia.com/advisories/34733
References
- http://secunia.com/advisories/34728
- https://bugzilla.redhat.com/show_bug.cgi?id=487216
- https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html
- https://www.redhat.com/archives/pam-list/2009-March/msg00006.html
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514437
- https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html
- http://secunia.com/advisories/34733
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.