The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://marc.info/?l=bugtraq&m=94935300520617&w=2 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2000-02-08T05:00:00
Updated: 2024-08-08T05:05:53.936Z
Reserved: 2000-02-08T00:00:00
Link: CVE-2000-0118
Vulnrichment
No data.
NVD
Status : Modified
Published: 1999-06-09T04:00:00.000
Modified: 2024-11-20T23:31:45.607
Link: CVE-2000-0118
Redhat
No data.