3 matches found
CVE-2012-6140
pamgoogleauthenticator.c in the PAM module in Google Authenticator before 1.0 requires user-readable permissions for the secret file, which allows local users to bypass intended access restrictions and discover a shared secret via standard filesystem operations, a different vulnerability than...
CVE-2012-6140
pamgoogleauthenticator.c in the PAM module in Google Authenticator before 1.0 requires user-readable permissions for the secret file, which allows local users to bypass intended access restrictions and discover a shared secret via standard filesystem operations, a different vulnerability than...
CVE-2012-6140
CVE-2012-6140 involves the pam_google_authenticator.c PAM module in Google Authenticator, vulnerable before 1.0. The root cause is that the secret file must have user-readable permissions, allowing local users to bypass access constraints and read the shared secret via standard filesystem operati...