11 matches found
CVE-2026-9798
A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication CIBA flow to bypass this...
EUVD-2008-1945
Malware in sbrugna...
How to Reset Account Lockout for 'Managed Hardened Repository ISO by Veeam'
Purpose This article documents how to unlock the accounts used with the Managed Hardened Repository ISO by Veeam, veeamsvc or vhradmin, when they become locked out. The Managed Hardened Repository ISO by Veeam deploys Rocky Linux with the DISA STIG security profile, which utilizes faillock to loc...
Malleability remedied in Salt
Salt Project has fixed a vulnerability in Salt. A malicious person who has a locked user account can still perform actions under privileges of this account. Systems are vulnerable only when PAM authentication is used. Salt Project has released updates to fix the vulnerability fix in Salt 3002.9,...
Citrix Receiver: Difference of Logon Experience When Logon StoreFront with a Locked Account by Using Username/password and Smart Card
This article is intended for Citrix administrators and technical teams only.Non-admin users must contact their company’s Help Desk/IT support team and can refer toCTX297149for more information This article describes user experience of using Pass-throughwith username and password or smart card log...
Facebook Letting Users Designate 'Guardian Angel' Friends To Restore Locked Accounts
Social networking giant Facebook said on Thursday that it is testing a feature that will allow users to designate certain friends as ‘guardian angels’ entrusted with helping the user to recover a locked or hijacked account. The company, which has already experimented with forms of “social...
DEBIAN-CVE-2008-1946
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a 1 locked or 2 expired account by entering the account name on the command line, related to improper use of the pamsucceedif.so module...
CVE-2008-1946
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a 1 locked or 2 expired account by entering the account name on the command line, related to improper use of the pamsucceedif.so module...
CVE-2008-1946
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a 1 locked or 2 expired account by entering the account name on the command line, related to improper use of the pamsucceedif.so module...
CVE-2008-1946
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a 1 locked or 2 expired account by entering the account name on the command line, related to improper use of the pamsucceedif.so module...
/etc/pam.d/su is wrong in RHEL-4.6
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a 1 locked or 2 expired account by entering the account name on the command line, related to improper use of the pamsucceedif.so module...