Unauthenticated Local Privilege Escalation in Shadow 4.0.4.1

Unauthenticated Local Privilege Escalation in Shadow 4.0.4.1

CVE-2004-1001 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Unknown vulnerability in the passwd_check function in Shadow 4.0.4.1, and possibly other versions before 4.0.5, allows local users to conduct unauthorized activities when an error from a pam_chauthtok function call is not properly handled.

Learn more about our User Device Pen Test.