← CVECheck
HomeVulnerabilities

CVE-2000-0118 — HIGH severity vulnerability (The Red Hat Linux su program does not log failed password gu)

The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.

CVE IDCVE-2000-0118
SeverityHIGH
CVSS score7.2
CVSS vectorAV:L/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published1999-06-09
Last modified2026-04-16
DescriptionThe Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →