The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local malicious users to conduct brute force password guessing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat linux 3.0.3 |
||
redhat linux 4.0 |
||
redhat linux 5.2 |
||
redhat linux 6.0 |
||
sun sunos - |
||
sun sunos 4.1.4 |
||
sun sunos 5.1 |
||
sun sunos 5.2 |
||
redhat linux 4.1 |
||
redhat linux 4.2 |
||
redhat linux 6.1 |
||
sun solaris 1.1.3 |
||
sun sunos 5.3 |
||
sun sunos 5.4 |
||
redhat linux 5.0 |
||
redhat linux 5.1 |
||
sun solaris 1.1.4 |
||
sun solaris 2.4 |
||
sun sunos 5.5 |
||
redhat linux 2.0 |
||
redhat linux 2.1 |
||
sun solaris |
||
sun sunos 4.1.3 |
||
sun sunos 5.0 |