CVE-2005-2977

Description

The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.

Affected packages (1)

• Debian/pamfrom 0, < 0.99.7.1-2

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-2977