{"id":"CVE-2002-1227","details":"PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users.","modified":"2026-04-10T03:34:18.710470Z","published":"2002-10-28T05:00:00Z","references":[{"type":"ADVISORY","url":"http://www.debian.org/security/2002/dsa-177"},{"type":"ADVISORY","url":"http://www.iss.net/security_center/static/10405.php"},{"type":"FIX","url":"http://www.debian.org/security/2002/dsa-177"},{"type":"WEB","url":"http://www.securityfocus.com/bid/5994"}],"schema_version":"1.7.5"}