CVE-2004-2394
published 2004-12-31CVE-2004-2394: Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79…
PriorityP46low2.1CVSS 2.0
AVLACLAuNCNIPAN
EPSS
0.36%
28.0th percentile
Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux | — | — |
| mandrakesoft | mandrake_linux_corporate_server | — | — |
| mandrakesoft | mandrake_multi_network_firewall | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060http://www.mandriva.com/security/advisories?name=MDKSA-2004:045http://www.securityfocus.com/bid/10370https://exchange.xforce.ibmcloud.com/vulnerabilities/16178http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060http://www.mandriva.com/security/advisories?name=MDKSA-2004:045http://www.securityfocus.com/bid/10370https://exchange.xforce.ibmcloud.com/vulnerabilities/16178
2004-12-31
Published