CVE-2009-0579 (linux-pam)

Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0579