Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:045: passwd Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the passwd package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:045 (passwd).
Steve Grubb found some problems in the passwd program. Passwords given to passwd
via stdin are one character shorter than they are supposed to be. He also
discovered that pam may not have been sufficiently initialized to ensure safe
and proper operation. A few small memory leaks have been fixed as well.
The updated packages are patched to correct these problems.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:045
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.