Two problems have been discovered in the libpam-radius-auth package,
the PAM RADIUS authentication module. The Common Vulnerabilities and
Exposures Project identifies the following problems:
CAN-2004-1340
The Debian package accidentally installed its configuration file
/etc/pam_radius_auth.conf world-readable. Since it may possibly
contain secrets all local users are able to read them if the
administrator hasn’t adjusted file permissions. This problem is
Debian specific.
CAN-2005-0108
Leon Juranic discovered an integer underflow in the mod_auth_radius
module for Apache which is also present in libpam-radius-auth.
For the stable distribution (woody) these problems have been fixed in
version 1.3.14-1.3.
For the unstable distribution (sid) these problems have been fixed in
version 1.3.16-3.
We recommend that you upgrade your libpam-radius-auth package.
CPE | Name | Operator | Version |
---|---|---|---|
libpam-radius-auth | eq | 1.3.14-1 |