CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
25.1%
passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent “safe and proper operation” of PAM.
Vendor | Product | Version | CPE |
---|---|---|---|
mandrakesoft | mandrake_multi_network_firewall | 8.2 | cpe:2.3:a:mandrakesoft:mandrake_multi_network_firewall:8.2:*:*:*:*:*:*:* |
mandrakesoft | mandrake_linux | 8.2 | cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:* |
mandrakesoft | mandrake_linux | 8.2 | cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:* |
mandrakesoft | mandrake_linux | 9.0 | cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:* |
mandrakesoft | mandrake_linux | 9.1 | cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:*:*:*:*:*:* |
mandrakesoft | mandrake_linux | 9.1 | cpe:2.3:o:mandrakesoft:mandrake_linux:9.1:*:ppc:*:*:*:*:* |
mandrakesoft | mandrake_linux | 9.2 | cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:*:*:*:*:*:* |
mandrakesoft | mandrake_linux | 9.2 | cpe:2.3:o:mandrakesoft:mandrake_linux:9.2:*:amd64:*:*:*:*:* |
mandrakesoft | mandrake_linux | 10.0 | cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:* |
mandrakesoft | mandrake_linux_corporate_server | 2.1 | cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:* |