Описание
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pam_tally, does not call the pam_acct_mgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled.
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pam_tally, does not call the pam_acct_mgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-3532
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23532
- https://usn.ubuntu.com/226-1
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=211920
- http://secunia.com/advisories/17919
- http://secunia.com/advisories/17999
- http://www.debian.org/security/2005/dsa-917
- http://www.securityfocus.com/bid/15771
EPSS
CVE ID
Связанные уязвимости
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pam_tally, does not call the pam_acct_mgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled.
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through 0.52.1, when using pam_tally, does not call the pam_acct_mgmt function to verify that access should be granted, which allows attackers to authenticate to the server using accounts that have been disabled.
authpam.c in courier-authdaemon for Courier Mail Server 0.37.3 through ...
EPSS