CVE-2002-1227

EPSS 0.72%

Published: 10/28/2002Modified: 4/28/2026

Also known as:DEBIAN-CVE-2002-1227

Description

PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users.

Affected packages (1)

Debian/pamfrom 0, < 0.76-6

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2002-1227