CVE-2005-2977

Publication date

2005-11-01 02:00:00

Family

redhat

State

PUBLISHED

Description

The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses or delay its responses.