CVE-2001-1147
Summary
The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.
- LOW
- LOCAL
- NONE
- COMPLETE
- COMPLETE
- COMPLETE
References
Advisory Timeline
- Published