CVE-2016-4422

Опубликовано: 06 мая 2016

Источник: debian

EPSS Низкий

Описание

The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libpam-sshauth	fixed	0.4.1-2		package

Примечания

Introduced in: https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/93/src/pam_sshauth.c
Fixed in: https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/114
https://www.openwall.com/lists/oss-security/2016/05/01/2

EPSS

Процентиль: 57%

0.00357

Низкий

Связанные уязвимости

CVE-2016-4422

CVSS3: 9.8

ubuntu

почти 10 лет назад

The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.

CVE-2016-4422

CVSS3: 9.8

nvd

почти 10 лет назад

The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.

GHSA-c337-rr2j-g4h6

CVSS3: 9.8

github

больше 3 лет назад

The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.

EPSS

Процентиль: 57%

0.00357

Низкий