Pacemaker 授权问题漏洞

Pacemaker is a scalable, high-availability cluster resource manager. An authorization issue vulnerability exists in pcs in the Pacemaker management tool that stems from the pcs daemon allowing accounts with expired accounts and passwords to log in when using PAM authentication...

sssd bug fix and enhancement update

An update is available for sssd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The System Security Services Daemon SSSD service provides a set of daemons to...

ALBA-2021:4541 sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

sssd bug fix and enhancement update

The System Security Services Daemon SSSD service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch NSS and the Pluggable Authentication Modules PAM interfaces toward the system, and a pluggable back-end system ...

UBUNTU-CVE-2020-35662

In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated...

Fedora: Security Advisory for pam (FEDORA-2020-bd83344365)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 33 Update: pam-1.4.0-9.fc33

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

Fedora: Security Advisory for pam (FEDORA-2020-22532a1a81)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871

FireEye Mandiant has been investigating compromised Oracle Solaris machines in customer environments. During our investigations, we discovered an exploit tool on a customer’s system and analyzed it to see how it was attacking their Solaris environment. The FLARE team’s Offensive Task Force analyz...

Denial Of Service (DoS)

Pluggable Authentication Modules PAM is vulnerable to Denial of Service DoS. The checkacl function in pamxauth.c in the pamxauth module in Linux-PAM does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service resource consumption via a...

Remote Code Execution (RCE)

Pluggable Authentication Modules PAM is vulnerable to remote code execution RCE. It was discovered that the pamxauth module did not verify the return values of the setuid and setgid system calls. A local, unprivileged user could use this flaw to execute the xauth command with root privileges and...

Privilege Escalation

Pluggable Authentication Modules PAM is vulnerable to Privilege Escalation. A flaw was found in the way pamconsole set console device permissions. It was possible for various console devices to retain ownership of the console user after logging out, possibly leaking information to another local...

CentOS 7 : keycloak-httpd-client-install (CESA-2019:2137)

An update for keycloak-httpd-client-install is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Security Bulletin: A vulnerability in Pluggable Authentication Modules (PAM) affects IBM Security Network Protection (CVE-2015-3238)

Summary Pluggable Authentication Modules PAM provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. A security vulnerability has been discovered in PAM used with IBM Security Network Protection. Vulnerability Detai...

CVE-2018-1419

IBM WebSphere MQ 8.0 and 9.0, when configured to use a PAM module for authentication, could allow a user to cause a deadlock in the IBM MQ PAM code which could result in a denial of service. IBM X-Force ID: 138949...

CentOS 7 : sssd (CESA-2017:3379)

An update for sssd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

PYSEC-2017-33

Salt before 2015.5.10 and 2015.8.x before 2015.8.8, when PAM external authentication is enabled, allows attackers to bypass the configured authentication service by passing an alternate service with a command sent to LocalClient...

openssh: Privilege separation weakness related to PAM support

A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users...

USN-2935-3: PAM regression

USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. USN-2935-2 intended to fix the problem but was incomplete for Ubuntu 12.04 LTS. This update fixes the problem in Ubuntu 12.04 LTS. We apologize for the...

USN-2935-2 pam regression

USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the PAM pamuserdb module incorrectly us...