MiracleLinux 3 : krb5-1.6.1-17AXS3.1 (AXSA:2008-153:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-153:02 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...

MiracleLinux 3 : krb5-1.6.1-17AXS3.1 (AXSA:2008-345:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-345:03 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...

[SECURITY] Fedora 42 Update: fscrypt-0.3.5-2.fc42

fscrypt is a high-level tool for the management of Linux filesystem encryptio n. This tool manages metadata, key generation, key wrapping, PAM integration, and provides a uniform interface for creating and modifying encrypted directories...

[SECURITY] Fedora 41 Update: fscrypt-0.3.5-2.fc41

fscrypt is a high-level tool for the management of Linux filesystem encryptio n. This tool manages metadata, key generation, key wrapping, PAM integration, and provides a uniform interface for creating and modifying encrypted directories...

OPENSUSE-SU-2019:2175-1 Security update for util-linux and shadow

This update for util-linux and shadow fixes the following issues: util-linux: - Fixed an issue where PATH settings in /etc/default/su being ignored bsc1121197 - Prevent outdated pam files bsc1082293. - Do not trim read-only volumes bsc1106214. - Integrate pamkeyinit pam module to login bsc1081947...

Updated libpam4j package fixes security vulnerability

It was discovered that libpam4j, a Java library wrapper for the integration of PAM did not call pamacctmgmt during authentication. As such a user who has a valid password, but a deactivated or disabled account could still log in CVE-2017-12197...

Debian DSA-4025-1 : libpam4j - security update

It was discovered that libpam4j, a Java library wrapper for the integration of PAM did not call pamacctmgmt during authentication. As such a user who has a valid password, but a deactivated or disabled account could still log in. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...

[SECURITY] [DSA 4025-1] libpam4j security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4025-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 08, 2017 https://www.debian.org/security/faq -...

AZL-6778 CVE-2007-2768 affecting package openssh for versions less than 8.8p1-2

OpenSSH, when using OPIE One-Time Passwords in Everything for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords OTP, a similar issue to CVE-2007-2243...

qpopper and pam.d

Hello, Take a look at the two sessions I have with Qpopper on a Redhat Linux 7.x box from an RPM package of version 4.0.1. Existing account: root@bart /etc telnet 10.10.10.1 110 Trying 10.10.10.1... Connected to 10.10.10.1. Escape character is '^'. +OK ready [email protected] user...