The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2002-06-25T04:00:00
Updated: 2002-03-22T10:00:00
Reserved: 2002-03-15T00:00:00
Link: CVE-2001-1147
JSON object: View
NVD Information
Status : Analyzed
Published: 2001-10-08T04:00:00.000
Modified: 2008-09-05T20:25:48.437
Link: CVE-2001-1147
JSON object: View
Redhat Information
No data.
CWE