pam security update

1.3.1-38.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36272695 1.3.1-38 - pamnamespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-96724...

Oracle Linux 9 : pam (ELSA-2025-9526)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-9526 advisory. 1.5.1-25.0.1 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-25 - pamnamespace: fix potential privilege escalation. Resolves:...

pam:1.5.1 security update

1.5.1-22.0.1 - pamaccess: clean up the remote host matching code Orabug: 36771903 - pamlimits: fix use after free in pamsmopensession Orabug: 36406534 1.5.1-22 - pamaccess: rework resolving of tokens as hostname. Resolves: CVE-2024-10963 and RHEL-66245 1.5.1-21 - pamunix: always run the helper to...

Linux: Read pam_limits module config files (KB)

The pamlimits.so module applies ulimit limits, nice priority and number of simultaneous login sessions limit to user login sessions. This description of the configuration file syntax applies to the /etc/security/limits.conf file and .conf files in the /etc/security/limits.d directory. Note: This...

OracleVM 3.3 : pam (OVMSA-2015-0117)

The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-3238 - DoS due to blocking pipe with very long password - make pampwhistory and pamunix tolerant of opasswd file corruption - pamuserdb: allow any crypt hash algorithm to be used 1119289 ...

Scientific Linux Security Update : pam on SL4.x i386/x86_64

A flaw was found in the way pamconsole set console device permissions. It was possible for various console devices to retain ownership of the console user after logging out, possibly leaking information to another local user. CVE-2007-1716 A flaw was found in the way the PAM library wrote account...

Mandriva Linux Security Advisory : rsh (MDVSA-2008:191)

A vulnerability in the rcp protocol was discovered that allows a server to instruct a client to write arbitrary files outside of the current directory, which could potentially be a security concern if a user used rcp to copy files from a malicious server CVE-2004-0175. This issue was originally...

RHEL 4 : pam (RHSA-2007:0737)

Updated pam packages that fix two security flaws, resolve two bugs, and add an enhancement are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...

Moderate: Red Hat Security Advisory: pam security, bug fix, and enhancement update

Updated pam packages that fix two security flaws, resolve two bugs, and add an enhancement are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...

Moderate: Red Hat Security Advisory: pam security, bug fix, and enhancement update

Updated pam packages that fix two security flaws, resolve several bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pluggable Authentication Modules PAM provide a system...

Setuid() - nproc limit the type of vulnerability of in-depth analysis-vulnerability warning-the black bar safety net

Setuid - nproc limit the type of vulnerability of in-depth analysis PST --------- Subject : Setuid - nproc limit the type of vulnerability of in-depth analysis --------- Author : [email protected] --------- Copyright : www.ph4nt0m.org www.secwiki.com --------- Date : 07/20/2006 ---------...

CVE-2001-1147

CVE-2001-1147 affects util-linux’s /bin/login PAM handling prior to version 2.11, where a static pwent buffer could be rewritten across PAM calls. In non-default configurations (notably with pam_limits), this could leak one user’s credentials to another. The advisories (Mandrake, Red Hat) documen...