331 matches found
USN-310-1: ppp vulnerability
Marcus Meissner discovered that the winbind plugin of pppd does not check the result of the setuid call. On systems that configure PAM limits for the maximum number of user processes and enable the winbind plugin, a local attacker could exploit this to execute the winbind NTLM authentication help...
[Full-disclosure] [USN-310-1] ppp vulnerability
=========================================================== Ubuntu Security Notice USN-310-1 July 05, 2006 ppp vulnerability CVE-2006-2194 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.10 Ubuntu 6.06 LTS This advisory...
CVE-2006-2194
The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM...
DEBIAN-CVE-2006-2194
The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM...
Authentication flaw
The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM...
CVE-2006-2194
The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM...
CVE-2006-2194
The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM...
CVE-2006-2194
CVE-2006-2194 affects the winbind plugin in pppd (PPP, v2.4.4 and earlier). The code does not verify the success of setuid() when dropping privileges, which can fail under PAM limits and allow a local attacker to run the winbind NTLM authentication helper with elevated privileges. Impact is local...
CVE-2006-2194
The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM...
Fedora Core 1 : samba-3.0.6-2.FC1 (2004-284)
Wed Aug 25 2004 Jay Fenlason 3.0.6-1.FC2 - Upgrade to 3.0.6 include the following patches: samba-3.0.5rc1-passwd.patch from me. This changes the character used in the password field of the entries generated by winbind from a 'x' to a ''. 'x' means something special 'password is in /etc/shadow' to...
RHEL 3 : samba (RHSA-2004:064)
Updated Samba packages that fix a security vulnerability are now available. Samba provides file and printer sharing services to SMB/CIFS clients. The Samba team discovered an issue that affects version 3.0.0 and 3.0.1 of Samba. If an account for a user is created, but marked as disabled using the...