sssd: DoS in sssd PAM responder can prevent logins

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

DEBIAN-CVE-2010-3435

The 1 pamenv and 2 pammail modules in Linux-PAM aka pam before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a...

Fedora Update for pam FEDORA-2010-17155

Check for the Version of pam OpenVAS Vulnerability Test Fedora Update for pam FEDORA-2010-17155 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

CentOS 5 : pam (CESA-2010:0819)

Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Fedora Update for pam FEDORA-2010-17133

Check for the Version of pam OpenVAS Vulnerability Test Fedora Update for pam FEDORA-2010-17133 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

[SECURITY] Fedora 12 Update: pam-1.1.1-6.fc12

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

Moderate: Red Hat Security Advisory: pam security update

Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

RedHat Update for pam RHSA-2010:0819-01

Check for the Version of pam OpenVAS Vulnerability Test RedHat Update for pam RHSA-2010:0819-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Fedora Update for pam FEDORA-2010-17112

Check for the Version of pam OpenVAS Vulnerability Test Fedora Update for pam FEDORA-2010-17112 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

RedHat Update for pam RHSA-2010:0819-01

Check for the Version of pam OpenVAS Vulnerability Test RedHat Update for pam RHSA-2010:0819-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

[SECURITY] Fedora 13 Update: pam-1.1.1-6.fc13

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

pam security update

CentOS Errata and Security Advisory CESA-2010:0819 Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base score...

pam: pam_env and pam_mail accessing users' file with root privileges

The 1 pamenv and 2 pammail modules in Linux-PAM aka pam before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a...

Moderate: Red Hat Security Advisory: pam security update

Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

PT-2010-1042 · Linux +1 · Linux-Pam +1

Name of the Vulnerable Software and Affected Versions: Linux-PAM versions prior to 1.1.2 Red Hat Enterprise Linux pam-devel version 1.1.1 Red Hat Enterprise Linux pam-debuginfo version 1.1.1 Red Hat Enterprise Linux pam version 1.1.1 Description: The issue concerns multiple vulnerabilities in the...

USN-959-2: PAM vulnerability

USN-959-1 fixed vulnerabilities in PAM. This update provides the corresponding updates for Ubuntu 10.10. Original advisory details: Denis Excoffier discovered that the PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps. A local attacker could exploi...

Authentication flaw

pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication...

Linux-PAM: Privilege escalation

Background Linux-PAM Pluggable Authentication Modules is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes. Description Marcus Granado repoted that Linux-PAM does not properly handle user...

[SECURITY] Fedora 9 Update: pam-1.0.4-4.fc9

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

[SECURITY] Fedora 10 Update: pam-1.0.4-4.fc10

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...