20 matches found
CVE-2024-37408
A flaw was found in fprintd through version 1.94.3, which lacks a security attention mechanism. This issue causes unexpected actions that may be authorized by "auth sufficient pamfprintd.so" for Sudo...
SUSE CVE-2024-37408
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pamfprintd.so" for Sudo. NOTE: the supplier disputes this because they believe issue resolution would involve modifying the PAM configuration to restrict pamfprintd.so ...
CVE-2024-37408
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pamfprintd.so" for Sudo. NOTE: the supplier disputes this because they believe issue resolution would involve modifying the PAM configuration to restrict pamfprintd.so ...
CVE-2024-37408
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pamfprintd.so" for Sudo. NOTE: the supplier disputes this because they believe issue resolution would involve modifying the PAM configuration to restrict pamfprintd.so ...
CVE-2024-37408
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pamfprintd.so" for Sudo. NOTE: the supplier disputes this because they believe issue resolution would involve modifying the PAM configuration to restrict pamfprintd.so ...
CVE-2024-37408
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pamfprintd.so" for Sudo. NOTE: the supplier disputes this because they believe issue resolution would involve modifying the PAM configuration to restrict pamfprintd.so ...
CVE-2024-37408
Removed by vendor...
PT-2024-27527 · Fprintd · Fprintd
Name of the Vulnerable Software and Affected Versions: fprintd versions 1.94.3 and earlier Description: The issue is related to the lack of a security attention mechanism in fprintd, which may lead to unexpected actions being authorized by auth sufficient pam fprintd.so for Sudo. This could...
CVE-2024-37408
CVE-2024-37408 affects fprintd up to version 1.94.3, where the lack of a security attention mechanism could allow actions authorized by pam_fprintd.so for Sudo. Multiple connected sources (Red Hat, SUSE, Ubuntu, Debian trackers) confirm the issue; some vendors dispute it and suggest PAM configura...
fprintd Security Vulnerabilities
fprintd is a D-Bus service access fingerprint reader open-sourced by libfprint. A security vulnerability exists in fprintd version 1.94.3 and earlier versions, which stems from the lack of a security attention mechanism...
CVE-2024-37408
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be authorized by "auth sufficient pamfprintd.so" for Sudo. NOTE: the supplier disputes this because they believe issue resolution would involve modifying the PAM configuration to restrict pamfprintd.so ...
new packages: fprintd
An update is available for fprintd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...
libfprint bug fix and enhancement update
An update is available for fprintd, libfprint. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...
[SECURITY] Fedora 33 Update: fprintd-1.90.8-1.fc33
D-Bus service to access fingerprint readers...
Fedora: Security Advisory for fprintd (FEDORA-2020-f997de7d0e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
fprintd and libfprint bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
dbus-glib pam_fprintd - Local Root Exploit
Exploit for linux platform in category local exploits / darklena. fprintd/pamfprintd local root PoC. However dbus-glib plays an important role. C 2013 Sebastian Krahmer, all rights reversed. pamfprintd uses net.reactivated.Fprint service to trigger finger swiping and registers DBUS signal inside...
Scientific Linux Security Update : dbus-glib on SL5.x, SL6.x i386/x86_64 (20130226)
A flaw was found in the way dbus-glib filtered the message sender message source subject when the 'NameOwnerChanged' signal was received. This could trick a system service using dbus-glib such as fprintd into believing a signal was sent from a privileged process, when it was not. A local attacker...
RHEL 5 / 6 : dbus-glib (RHSA-2013:0568)
Updated dbus-glib packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
Important: Red Hat Security Advisory: dbus-glib security update
Updated dbus-glib packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...