logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-27743

Description

libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a non-random/predictable session_id. #### Bugs * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973250>


Affected Package


OS OS Version Package Name Package Version
ubuntu 20.04 libpam-tacplus any
ubuntu 22.04 libpam-tacplus any
ubuntu upstream libpam-tacplus any
ubuntu upstream libpam-tacplus any
ubuntu 16.04 libpam-tacplus any

Related