32 matches found
Azure Linux 3.0 Security Update: pam (CVE-2024-10963)
The version of pam installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-10963 advisory. - A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostname...
Siemens SIMATIC S7-1500 Improper Authentication (CVE-2022-28321)
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pamaccess.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a...
EUVD-1999-1329
Malware in sbrugna...
ROS-20251006-07
The vulnerability of the pamaccess component of the access.conf file of the Linux-PAM authentication module is related to the flaws in the authentication procedure. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and gain access t...
EUVD-2024-47596
Malicious code in bioql PyPI...
Ubuntu: Security Advisory (USN-7761-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2024-10963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick t...
SUSE-SU-2025:20229-1 Security update for pam
This update for pam fixes the following issues: - CVE-2024-10963: Fixed improper hostname interpretation inpamaccess that could lead to access control bypass bsc1233078...
Security update for pam
This update for pam fixes the following issues: CVE-2024-10963: Fixed improper hostname interpretation inpamaccess that could lead to access control bypass bsc1233078 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2025:20104-1 Security update for pam
This update for pam fixes the following issues: - CVE-2024-10963: Fixed improper hostname interpretation in pamaccess that could lead to access control bypass bsc1233078...
CLSA-2024-1735300164 pam: Fix of CVE-2024-10963
CVE-2024-10963: pamaccess: rework resolving of tokens as hostname...
Pam: improper hostname interpretation in pam_access leads to access control bypass
...
OESA-2024-2501 pam security update
PAM Pluggable Authentication Modules is a system of libraries that handle the authentication tasks of applications services on the system. Security Fixes: A vulnerability was found in pamaccess due to the improper handling of tokens in access.conf, interpreted as hostnames. This flaw allows...
CLSA-2024-1733245591 pam: Fix of CVE-2024-10963
CVE-2024-10963: fix a flaw found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. There is the new 'nodns' option which should be enabled to fix the CVE...
pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass
A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this...
pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass
A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this...
CentOS 9 : pam-1.5.1-23.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the pam-1.5.1-23.el9 build changelog. - A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers...
SUSE CVE-2024-10963
A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this...
DEBIAN-CVE-2024-10963
A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this...
AZL-52539 CVE-2024-10963 affecting package pam for versions less than 1.5.3-4
A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this...