4 matches found
CVE-2020-27743
libtac in pamtacplus through 1.5.1 lacks a check for a failure of RANDbytes/RANDpseudobytes. This could lead to use of a non-random/predictable sessionid...
Photon OS 2.0: Pam_Tacplus PHSA-2020-2.0-0295
An update of the pamtacplus package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0295. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2020-27743
creationtimestamp| type| source ---|---|--- 2020-10-27 01:29:22+00:00| seen| https://t.me/cibsecurity/15595...
CVE-2020-27743
The CVE-2020-27743 entry affects libtac in pam_tacplus up to version 1.5.1, where RAND_bytes()/RAND_pseudo_bytes() failures are not checked. This can allow a non-random/predictable session_id, enabling partial confidentiality/integrity risk as described in the CVE. Affected platforms include Phot...