Your submission was sent successfully! Close

CVE-2013-7041

Published: 8 May 2014

The pam_userdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack.

Priority

Low

Status

Package Release Status
pam
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (1.1.3-7ubuntu2.1)
quantal Ignored
(reached end-of-life)
raring Ignored
(reached end-of-life)
saucy Ignored
(reached end-of-life)
trusty
Released (1.1.8-1ubuntu2.1)
upstream
Released (1.1.8-3.1)
utopic Ignored
(reached end-of-life)
vivid Not vulnerable
(1.1.8-3.1ubuntu3)
wily Not vulnerable
(1.1.8-3.1ubuntu3)
Patches:
vendor: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731368