CVE-2013-7041

Published: 08 May 2014

The pam_userdb module for Pam uses a case-insensitive method to compare hashed passwords, which makes it easier for attackers to guess the password via a brute force attack.

Priority

Low

Status

Package Release Status
pam
Launchpad, Ubuntu, Debian
Upstream
Released (1.1.8-3.1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1.1.8-1ubuntu2.1)
Patches:
Vendor: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731368