Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2004-2396
HistoryAug 17, 2005 - 4:00 a.m.

CVE-2004-2396

2005-08-1704:00:00
mitre
web.nvd.nist.gov
24
cve-2004-2396
passwd 0.68
pam_start
pam operations
security vulnerability

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

25.1%

JSON

passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent “safe and proper operation” of PAM.

Affected configurations

Nvd
Node
mandrakesoftmandrake_multi_network_firewallMatch8.2
Node
mandrakesoftmandrake_linuxMatch8.2
OR
mandrakesoftmandrake_linuxMatch8.2ppc
OR
mandrakesoftmandrake_linuxMatch9.0
OR
mandrakesoftmandrake_linuxMatch9.1
OR
mandrakesoftmandrake_linuxMatch9.1ppc
OR
mandrakesoftmandrake_linuxMatch9.2
OR
mandrakesoftmandrake_linuxMatch9.2amd64
OR
mandrakesoftmandrake_linuxMatch10.0
OR
mandrakesoftmandrake_linux_corporate_serverMatch2.1
OR
mandrakesoftmandrake_linux_corporate_serverMatch2.1x86_64
VendorProductVersionCPE
mandrakesoftmandrake_multi_network_firewall8.2cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:*
mandrakesoftmandrake_linux8.2cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*
mandrakesoftmandrake_linux8.2cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*
mandrakesoftmandrake_linux9.0cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*
mandrakesoftmandrake_linux9.1cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:*
mandrakesoftmandrake_linux9.1cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:*
mandrakesoftmandrake_linux9.2cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:*
mandrakesoftmandrake_linux9.2cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:*
mandrakesoftmandrake_linux10.0cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
mandrakesoftmandrake_linux_corporate_server2.1cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 111

Related

nvd 1
cvelist 1
nessus 1
nvd
nvd
CVE-2004-2396
2004-12-31 05:00:00
cvelist
cvelist
CVE-2004-2396
2005-08-17 04:00:00
nessus
nessus
Mandrake Linux Security Advisory : passwd (MDKSA-2004:045)
2004-07-31 00:00:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.001

Percentile

25.1%

JSON
Related for CVE-2004-2396
nvd1cvelist1nessus1