4 matches found
K000151330: Oath Toolkit vulnerability CVE-2024-47191
Security Advisory Description pamoath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as root, it mishandles usersfile access, such as by calling fchown in the presence of a symlink. CVE-2024-47191 Impact There is ...
Azure Linux 3.0 Security Update: oath-toolkit (CVE-2024-47191)
The version of oath-toolkit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47191 advisory. - pamoath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because...
USN-7059-2: OATH Toolkit vulnerability
USN-7059-1 fixed a vulnerability in OATH Toolkit library. This update provides the corresponding update for Ubuntu 24.10. Original advisory details: Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root own...
OATH Toolkit 安全漏洞
OATH Toolkit is an open source toolkit from deepin. A security vulnerability exists in OATH Toolkit versions 2.6.7 through 2.6.11, which stems from a PAM module that allows a malicious user to compromise the environment when placing an OTP status file in a user's home directory...