CVE-2005-2977

Low

2.1/10

Summary

The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.

Access Complexity: LOW
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: PARTIAL
Availability Impact: NONE

References

Advisory Timeline

Published Nov 01, 2005

CVE-2005-2977

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS