CVE-2001-1190 — Mandrake Linux vulnerability

3 documents3 sources

Severity

4.6MEDIUMNVD

EPSS

0.1%

top 77.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mandrakesoft Mandrake Linux

Timeline

PublishedDec 12

Latest updateApr 30

Description

The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDmandrakesoft/mandrake_linux8.1

Patches

Patch: www.iss.net ↗Patch: www.linux-mandrake.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-h688-r377-w983: The default PAM files included with passwd in Mandrake Linux 8↗2022-04-30

▶

CVEList

CVE-2001-1190: The default PAM files included with passwd in Mandrake Linux 8↗2002-03-15

▶