8 matches found
BELL-CVE-2020-27780 CVE-2020-27780 does not affect BellSoft software
Bulletin has no description...
CVE-2020-27780 affecting package pam 1.3.1-4
CVE-2020-27780 affecting package pam 1.3.1-4. An upgraded version of the package is available that resolves this issue...
CVE-2020-27780
A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate...
CVE-2020-27780
Linux-PAM (pam) prior to version 1.5.1 is vulnerable to an authentication bypass: if a non-existent username is supplied and the root password is empty, PAM may authenticate as root. Affected: pam components in Linux-PAM before 1.5.1. Root cause: handling of empty passwords for non-existing users...
CVE-2020-27780
A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate...
Fedora 32 : pam (2020-bd83344365)
fix CVE-2020-27780: authentication bypass when the user doesn't exist Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
[ASA-202012-13] pam: authentication bypass
Arch Linux Security Advisory ASA-202012-13 ========================================== Severity: High Date : 2020-12-09 CVE-ID : CVE-2020-27780 Package : pam Type : authentication bypass Remote : No Link : https://security.archlinux.org/AVG-1297 Summary ======= The package pam before version 1.5.0...
Fedora: Security Advisory for pam (FEDORA-2020-22532a1a81)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...