cbcvebase.
CVE-2004-2394
published 2004-12-31

CVE-2004-2394: Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79…

PriorityP46low2.1CVSS 2.0
AVLACLAuNCNIPAN
EPSS
0.36%
28.0th percentile
Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.

Affected

7 ranges
VendorProductVersion rangeFixed in
mandrakesoftmandrake_linux
mandrakesoftmandrake_linux
mandrakesoftmandrake_linux
mandrakesoftmandrake_linux
mandrakesoftmandrake_linux
mandrakesoftmandrake_linux_corporate_server
mandrakesoftmandrake_multi_network_firewall
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.