CVE-2008-1946 in coreutilsinfo

Summary

The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

04/24/2008

Disclosure

07/28/2008

Moderation

VulDB entry created

Entries

VDB-43405 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

5.9

EPSS

0.00069

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-1946
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-1946
CVE Details	https://www.cvedetails.com/cve/CVE-2008-1946/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!