Vulnerabilities > CVE-2004-2395 - Unspecified vulnerability in Mandrakesoft products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN mandrakesoft
nessus
Summary
Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| OS | 10 |
Nessus
| NASL family | Mandriva Local Security Checks |
| NASL id | MANDRAKE_MDKSA-2004-045.NASL |
| description | Steve Grubb found some problems in the passwd program. Passwords given to passwd via stdin are one character shorter than they are supposed to be. He also discovered that pam may not have been sufficiently initialized to ensure safe and proper operation. A few small memory leaks have been fixed as well. The updated packages are patched to correct these problems. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 14144 |
| published | 2004-07-31 |
| reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/14144 |
| title | Mandrake Linux Security Advisory : passwd (MDKSA-2004:045) |
References
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060
- http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:045
- http://www.mandriva.com/security/advisories?name=MDKSA-2004:045
- http://www.securityfocus.com/bid/10370
- http://www.securityfocus.com/bid/10370
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16180
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16180