9 matches found
RHEL 6 : pam (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pam: path traversal issue in pamtimestamp's formattimestampname CVE-2014-2583 - The pamuserdb module for...
Mageia: Security Advisory (MGASA-2015-0213)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0631-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL CORE 5.04 / MAIN 5.04 : pam Multiple Vulnerabilities (NS-SA-2019-0198)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pam packages installed that are affected by multiple vulnerabilities: - pamunix.so in Linux-PAM 0.99.7.0 allows context- dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow,...
GLSA-201605-05 : Linux-PAM: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201605-05 Linux-PAM: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Linux-PAM. Please review the CVE identifiers referenced below for details. Impact : Remote attackers could cause Denial of Service,...
Fedora Update for pam FEDORA-2014-16350
Check the version of pam SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868616";...
SuSE 11.3 Security Update : pam (SAT Patch Number 9119)
This update changes the broken default behavior of pampwhistory to not enforce checks when the root user requests password changes. In order to enforce pwhistory checks on the root user, the 'enforceforroot' parameter needs to be set for the pampwhistory.so module. This pam update fixes the...
CVE-2014-2583
Multiple directory traversal vulnerabilities in pamtimestamp.c in the pamtimestamp module for Linux-PAM aka pam 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. dot dot in the 1 PAMRUSER value to the getruser function or 2 PAMTTY value to the checktty...
Linux-PAM "pam_timestamp"模块目录遍历漏洞
CVE ID:CVE-2014-2583 Linux-PAM是一款基于Linux的插入式验证模块。 通过PAMRUSER和PAMTTY传递的输入在用于创建文件时缺少校验,允许攻击者利用漏洞通过特制的PAMRUSER或PAMTTY值来绕过验证或创建任意文件。 0 Linux-PAM 1.x 目前厂商已经发布了升级补丁以修复漏洞,请下载使用: https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-118-32-g9dcead8...