CVE-2009-0579

NONE EPSS 27.1%
Published Apr 16, 200917y ago · Modified Jun 16, 20262w ago
Find Similar
Published Apr 16, 2009 17y ago
Last Modified Jun 16, 2026 2w ago

Description

Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.

Threat Intelligence

EPSS Exploit Probability
27.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-264

Affected Products 21

VendorProductVersionRange
linux-pamlinux-pam* ≤1.0.4
linux-pamlinux-pam0.99.1.0any
linux-pamlinux-pam0.99.2.0any
linux-pamlinux-pam0.99.2.1any
linux-pamlinux-pam0.99.3.0any
linux-pamlinux-pam0.99.4.0any
linux-pamlinux-pam0.99.5.0any
linux-pamlinux-pam0.99.6.0any
linux-pamlinux-pam0.99.6.1any
linux-pamlinux-pam0.99.6.2any
linux-pamlinux-pam0.99.6.3any
linux-pamlinux-pam0.99.7.0any
linux-pamlinux-pam0.99.7.1any
linux-pamlinux-pam0.99.8.0any
linux-pamlinux-pam0.99.8.1any
linux-pamlinux-pam0.99.9.0any
linux-pamlinux-pam0.99.10.0any
linux-pamlinux-pam1.0.0any
linux-pamlinux-pam1.0.1any
linux-pamlinux-pam1.0.2any
linux-pamlinux-pam1.0.3any

References 7

  • bugs.debian.org http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514437
  • secunia.com http://secunia.com/advisories/34728
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/34733
    Vendor Advisory
  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=487216
    Patch
  • redhat.com https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html
  • redhat.com https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html
    PatchVendor Advisory
  • redhat.com https://www.redhat.com/archives/pam-list/2009-March/msg00006.html
    Vendor Advisory

Remediation

  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=487216
    Patch
  • redhat.com https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html
    PatchVendor Advisory