Mandrake Linux Security Advisory : passwd (MDKSA-2004:045)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing a security update.

Description :

Steve Grubb found some problems in the passwd program. Passwords given
to passwd via stdin are one character shorter than they are supposed
to be. He also discovered that pam may not have been sufficiently
initialized to ensure safe and proper operation. A few small memory
leaks have been fixed as well.

The updated packages are patched to correct these problems.

Solution :

Update the affected passwd package.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 14144 (mandrake_MDKSA-2004-045.nasl)

Bugtraq ID:

CVE ID: CVE-2004-2394
CVE-2004-2395
CVE-2004-2396

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now