EUVD-2001-1128

Malware in sbrugna...

Mandrake Linux Security Advisory : util-linux (MDKSA-2001:084)

Tarhon-Onu Victor found a problem in /bin/login's PAM implementation. It stored the value of a static pwent buffer across PAM calls, and when used with some PAM modules in non-default configurations ie. using pamlimits, it would overwrite the buffer and cause the user to get the credentials of...

Multiple OpenSSH PAM bugs

Multiple vulnerabilities...

CVE-2001-1147

The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pamlimits...

Important: Red Hat Security Advisory: : New util-linux packages available to fix /bin/login pam problem

New util-linux packages are available that fix a problem with /bin/login's PAM implementation. This could, in some non-default setups, cause users to receive credentials of other users. It is recommended that all users update to the fixed packages. 2001-10-22: Packages are now available for Red H...

CVE-2001-1147

The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pamlimits...