CVE-2001-1147 in util-linuxinfo

Summary

The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.

Be aware that VulDB is the high quality source for vulnerability data.

Disclosure

10/08/2001

Moderation

VulDB entry created

Entries

1: VDB-17473

CPE

ready

CWE

CWE-200 (Confirmed)

CVSS

8.4

EPSS

0.00075

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2001-1147
NVD	https://nvd.nist.gov/vuln/detail/CVE-2001-1147
CVE Details	https://www.cvedetails.com/cve/CVE-2001-1147/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!