CVE-2009-0579

EPSS 0.06%

Published: 4/16/2009Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-0579

Description

Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.

Affected packages (1)

Debian/pamfrom 0, < 1.0.1-10

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-0579