security.nuyts.tech
CVE-2005-2977 – NuytsTech Security
The SELinux version of PAM before 0.78 r3 allows local users to perform brute force password guessing attacks via unix_chkpwd, which does not log failed guesses
