Published in Mandrake Security Advisory MDSKA-2001:091, dated December 12, 2001.
Mandriva Linux Mandrake 8.1
passwd is a Unix utility used to change a user's password. PAM is a modular system for implementing various authentication methods, and is used by passwd in current Mandrake Linux distributions.
In some distributions of Mandrake, the pam files used by passwd do not include support for md5 encryption. After the installation process is complete, any password changes or new accounts created will not have md5 encrypted passwords. This may result in lower security than anticipated.
No exploit code is required to take advantage of this issue.