CVE-2016-20014

Опубликовано: 21 апр. 2022

Источник: debian

EPSS Низкий

Описание

In pam_tacplus.c in pam_tacplus before 1.4.1, pam_sm_acct_mgmt does not zero out the arep data structure.

Пакет	Статус	Релиз	Тип
libpam-tacplus	removed		package
libpam-tacplus	no-dsa	buster	package
libpam-tacplus	no-dsa	stretch	package

Fixed by: https://github.com/kravietz/pam_tacplus/commit/e4c00eba70a0f72c4de77b5f072c69708ec2beab (v1.4.1)

EPSS

Процентиль: 37%

0.00156

Низкий

CVE-2016-20014

CVSS3: 9.8

ubuntu

почти 4 года назад

In pam_tacplus.c in pam_tacplus before 1.4.1, pam_sm_acct_mgmt does not zero out the arep data structure.

CVE-2016-20014

CVSS3: 9.8

nvd

почти 4 года назад

In pam_tacplus.c in pam_tacplus before 1.4.1, pam_sm_acct_mgmt does not zero out the arep data structure.

GHSA-85mx-crqg-rfwj

CVSS3: 9.8

github

почти 4 года назад

In pam_tacplus.c in pam_tacplus before 1.4.1, pam_sm_acct_mgmt does not zero out the arep data structure.

EPSS

Процентиль: 37%

0.00156

Низкий