MiracleLinux 8 : pam-1.3.1-36.el8_10 (AXSA:2024-9040:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9040:04 advisory. pam: libpam: Libpam vulnerable to read hashed password CVE-2024-10041 pam: Improper Hostname Interpretation in pamaccess Leads to Access Control...

EUVD-2013-3208

Malware in sbrugna...

NewStart CGSL MAIN 6.06 : pam Multiple Vulnerabilities (NS-SA-2025-0213)

The remote NewStart CGSL host, running version MAIN 6.06, has pam packages installed that are affected by multiple vulnerabilities: - pamnamespace.c in the pamnamespace module in Linux-PAM aka pam before 1.1.3 uses the environment of the invoking application or service during execution of the...

Debian dla-4306 : libpam-cracklib - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4306 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4306-1 [email protected]...

GLSA-202508-01 : PAM: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202508-01 PAM: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in PAM. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...

PAM: Multiple Vulnerabilities

Background PAM Pluggable Authentication Modules is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes. Description Multiple vulnerabilities have been discovered in PAM. Please review the C...

NewStart CGSL MAIN 7.02 : pam Multiple Vulnerabilities (NS-SA-2025-0191)

The remote NewStart CGSL host, running version MAIN 7.02, has pam packages installed that are affected by multiple vulnerabilities: - linux-pam aka Linux PAM before 1.6.0 allows attackers to cause a denial of service blocked login process via mkfifo because the openat call for protectdir lacks...

NewStart CGSL MAIN 7.02 : pam Multiple Vulnerabilities (NS-SA-2025-0083)

The remote NewStart CGSL host, running version MAIN 7.02, has pam packages installed that are affected by multiple vulnerabilities: - A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the...

EulerOS Virtualization 2.12.0 : pam (EulerOS-SA-2025-1571)

According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability...

EulerOS Virtualization 2.12.1 : pam (EulerOS-SA-2025-1555)

According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability...

PAM: Multiple Vulnerabilities

Background PAM Pluggable Authentication Modules is an architecture allowing the separation of the development of privilege granting software from the development of secure and appropriate authentication schemes. Description Multiple vulnerabilities have been discovered in PAM. Please review the C...

GLSA-202505-01 : PAM: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202505-01 PAM: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in PAM. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from the...

Advisory ROSA-SA-2025-2732

Software: pam 1.3.1 OS: ROSA Virtualization 3.0 packageevrstring: pam-1.3.1-36.0.1.rv30 CVE-ID: CVE-2024-10041 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in PAM allows an attacker to access sensitive information stored in memory through the execution of a victim program by sending...

EulerOS 2.0 SP12 : pam (EulerOS-SA-2025-1194)

According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in pamaccess, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers ...

RockyLinux 8 : pam (RLSA-2024:10379)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10379 advisory. pam: libpam: Libpam vulnerable to read hashed password CVE-2024-10041 pam: Improper Hostname Interpretation in pamaccess Leads to Access Control Bypass...

RHEL 8 : pam (RHSA-2024:10379)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10379 advisory. Pluggable Authentication Modules PAM provide a system to set up authentication policies without the need to recompile programs to handle...

CVE-2024-10041 vulnerabilities

Vulnerabilities for packages: linux-pam...

SUSE-SU-2016:1645-1 Security update for pam

This update for pam fixes two security issues. These security issues were fixed: - CVE-2015-3238: pamunix in conjunction with SELinux allowed for DoS attacks bsc934920. - CVE-2013-7041: Compare password hashes case-sensitively bsc854480. This non-security issue was fixed: - bsc962220: Don't fail...

Ubuntu 14.04 LTS : PAM vulnerabilities (USN-2935-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2935-1 advisory. It was discovered that the PAM pamuserdb module incorrectly used a case-insensitive method when comparing hashed passwords. A local attacker could possib...

Vulnerabilities of the Red Hat Enterprise Linux operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

Multiple vulnerabilities exist in the pam-0.75 package of the Red Hat Enterprise Linux operating system. Exploitation of these vulnerabilities can lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...