Local Authentication Bypass in Shadow by Sun Microsystems
CVE-2004-1001

Currently unrated

Key Information:

Vendor

Debian
Status
Shadow
Vendor
CVE Published:
1 March 2005

What is CVE-2004-1001?

An unaddressed vulnerability in the passwd_check function present in Shadow could allow local users to exploit improper error handling from the pam_chauthtok function. This flaw potentially enables unauthorized activities, compromising system security if the flaw is not remediated.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/13028
third-party-advisoryx_refsource_SECUNIA
http://www.debian.org/security/2004/dsa-585
vendor-advisoryx_refsource_DEBIAN
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio...
vendor-advisoryx_refsource_CONECTIVA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.