16 matches found
UBUNTU-CVE-2026-43916
pamauthnft is a PAM session module binding nftables firewall rules to...
CVE-2026-43916
pamauthnft is a PAM session module binding nftables firewall rules to authenticated sessions via cgroupv2 inodes. Prior to 0.2.0-alpha, a heap buffer over-read in peerlookuptcp src/peerlookup.c:134, prior to the fix allowed a crafted NETLINK_SOCK_DIAG reply to slip past the message-size check, then...
Oracle Linux 9 : pam (ELSA-2025-15099)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-15099 advisory. 1.5.1-26.0.1 - pam_limits: fix use after free in pam_sm_open_session Orabug: 36406534 1.5.1-26 - pam_namespace: fix potential privilege escalation. Resolve...
SUSE CVE-2017-6967
xrdp 0.9.1 calls the PAM function auth_start_session in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass...
SUSE-SU-2019:1860-1 Security update for xrdp
This update for xrdp fixes the following issues: Security issues fixed: - CVE-2013-1430: When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd was created. Its content was the equivalent of the user's cleartext password, DES encrypted with a known key...
SUSE-SU-2019:1847-1 Security update for xrdp
This update for xrdp fixes the following issues: These security issues were fixed: - CVE-2013-1430: When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd was created. Its content was the equivalent of the user's cleartext password, DES encrypted with a...
SUSE SLED11 / SLES11 Security Update : sudo (SUSE-SU-2015:0985-1)
This update for sudo provides the following fixes: Handle TZ environment variable safely. (CVE-2014-9680, bnc#917806) Do not truncate long commands (131072 or more characters) without any warning. (bnc#901145) Create log files with ownership set to user and group 'root'. (bnc#904694) Close PAM session...
OpenSSH < 2.9.9p1 Resource Limit Bypass
According to its banner, the remote host is running a version of OpenSSH earlier than 2.9.9/2.9.9p1. Such versions fail to initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty. A remote, unauthenticated attacker, exploiting this flaw, could bypass resource...
openssh security and bug fix update
3.9p1-8.RHEL4.24 - return correct exit status on failed write on sftp batch mode 247802 3.9p1-8.RHEL4.23 - some more mem leaks fix in sftp 240909 3.9p1-8.RHEL4.22 - CVE-2007-3102 escape account name to prevent audit log injection 248058 3.9p1-8.RHEL4.21 - move pam session calls so pam_close_session...
CentOS 3 : rsh (CESA-2005:074)
Updated rsh packages that fix various bugs and a theoretical security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The rsh package contains a set of programs that allow users to run commands on remote machines, login to...
Low: Red Hat Security Advisory: rsh security update
Updated rsh packages that fix various bugs and a theoretical security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The rsh package contains a set of programs that allow users to run commands on remote machines, login to...
RHEL 3 : rsh (RHSA-2005:074)
Updated rsh packages that fix various bugs and a theoretical security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The rsh package contains a set of programs that allow users to run commands on remote machines, login to...
rsh security update
CentOS Errata and Security Advisory CESA-2005:074. Updated rsh packages that fix various bugs and a theoretical security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The rsh package contains a set of programs that allow use...
CVE-2001-1459
OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d...
OpenSSH does not initialize PAM session thereby allowing PAM restrictions to be bypassed
Overview: OpenSSH is an implementation of the Secure Shell (SSH) protocol. It can be configured to use Linux Pluggable Authentication Modules (PAM) for added authentication. A vulnerability exists in OpenSSH, and perhaps other implementations of SSH, which can allow to potentially bypass PAM...
CVE-2001-1459
OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d...