CVE-2009-0579
Published Apr 16, 2009
Last updated 6 years ago
Overview
- Description
- Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-264
Vendor comments
- Red HatNot vulnerable. This issue did not affect the versions of pam as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5. Only PAM versions 1.x were affected.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6B4EF54C-CE7D-4CCE-ACF2-3810C7ABFEFB",
"versionEndIncluding": "1.0.4"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B59C70C7-FABE-4A45-A45D-2C7276D698DF"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DBA50D8F-D5A8-4123-93CF-E7714571F411"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DB8820C0-1ECB-45AD-A573-5667F0D09776"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D416053-0010-4B25-9F7C-6054C51C1685"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B97AB578-0E9E-4370-8379-0CD455F2D740"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22A6147C-CC0A-4C9F-B9A9-E144F2133592"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F94AA92-5854-46B9-8B3C-08FCC5B071CF"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD5C0039-827C-45CD-99BE-95459006CA59"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4256C34-DBCA-4FE0-96A5-874D7F00869A"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B2613D2-33C1-4132-AD9A-68190A59C0F4"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08FDE78F-119B-4FC8-BBFA-8048F2CF1227"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4A75789-F7EC-4D9C-942A-243DF92E5CA5"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3753027E-D3A4-45D4-A3A3-2320C48AF6C6"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6533A629-6351-4831-BBF7-44718262FAF3"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "516F23F9-25B3-40DB-A3CA-2F1DE0678934"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F3ACA7F-D247-439C-8B5E-287EC5D236AF"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9"
},
{
"criteria": "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEC8C86C-9FC7-4838-BFD8-90431DEC4946"
}
],
"operator": "OR"
}
]
}
]