|
|
Log in / Subscribe / Register

checkpw: denial of service

Package(s):checkpw CVE #(s):CVE-2015-0885
Created:March 17, 2015 Updated:March 18, 2015
Description: From the Debian advisory:

Hiroya Ito of GMO Pepabo, Inc. reported that checkpw, a password authentication program, has a flaw in processing account names which contain double dashes. A remote attacker can use this flaw to cause a denial of service (infinite loop).

Alerts:
Debian-LTS DLA-191-1 checkpw 2015-04-09
Debian DSA-3192-1 checkpw 2015-03-17
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds