5 matches found
Fedora 28 : pam_yubico (2018-75fdc70018)
Update to 2.26, fixes CVE-2018-9275 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Fedora Update for pam_yubico FEDORA-2018-75fdc70018
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : pam_yubico (2018-73bd3d14a3)
Update to 2.26, fixes CVE-2018-9275 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
CVE-2018-9275
In checkusertoken in util.c in the Yubico PAM module aka pamyubico 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure serial number of a device and/or DoS reaching the maximum number of file descriptors...
CVE-2018-9275
CVE-2018-9275 affects pam_yubico (Yubico PAM module). In check_user_token (util.c), versions 2.18–2.25 can leak file descriptors to the auth mapping file, enabling information disclosure (device serial numbers) and/or DoS by exhausting file descriptors. Public entries indicate remediation by upda...