The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with
AuthShadow enabled uses shadow authentication for all locations that use
the require group directive, even when other authentication mechanisms are
specified, which might allow remote authenticated users to bypass security
restrictions.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | mod-auth-shadow | < 1.4-2 | UNKNOWN |
ubuntu | 6.10 | noarch | mod-auth-shadow | < 1.4-2 | UNKNOWN |
ubuntu | 7.04 | noarch | mod-auth-shadow | < 1.4-2 | UNKNOWN |