CVE-2004-0041 Information

Description

The mod_auth_shadow module 1.4 and earlier does not properly enforce the expiration of a user account and password which could allow remote authenticated users to bypass intended access restrictions.

Reference

http://secunia.com/advisories/10612 http://www.debian.org/security/2004/dsa-421 http://www.osvdb.org/3454 http://www.securityfocus.com/bid/9404 http://www.securitytracker.com/id?1008675