Описание
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
Отчет
This vulnerability in pam_access is rated with an Important severity because it directly impacts the integrity of access control mechanisms in secure environments. By allowing hostname spoofing to bypass restrictions intended for specific local TTYs or services, the vulnerability enables attackers with minimal effort to exploit gaps in security policies that rely on access.conf configurations. The potential for unauthorized access is significant, as attackers with root privileges on any networked device can impersonate trusted service names to evade local access controls. This vulnerability was introduced in RHEL-9.4 and does not affect previous versions of RHEL-9.
Меры по смягчению последствий
To reduce the risk, administrators should ensure that no DNS hostname matches local TTY or service names used in pam_access. Additionally, implement DNSSEC to prevent spoofing of DNS responses. For stronger protection, consider reconfiguring pam_access to only accept fully qualified domain names (FQDNs) in access.conf
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | pam | Not affected | ||
| Red Hat Enterprise Linux 6 | pam | Not affected | ||
| Red Hat Enterprise Linux 7 | pam | Not affected | ||
| Red Hat Enterprise Linux 8 | pam | Fixed | RHSA-2024:10379 | 26.11.2024 |
| Red Hat Enterprise Linux 9 | pam | Fixed | RHSA-2024:10244 | 25.11.2024 |
| Red Hat Enterprise Linux 9 | pam | Fixed | RHSA-2024:10244 | 25.11.2024 |
| Red Hat Enterprise Linux 9.4 Extended Update Support | pam | Fixed | RHSA-2024:10232 | 25.11.2024 |
| Red Hat OpenShift Container Platform 4.16 | rhcos-416.94.202411261619 | Fixed | RHSA-2024:10528 | 04.12.2024 |
| Red Hat OpenShift Container Platform 4.17 | rhcos-417.94.202411261220 | Fixed | RHSA-2024:10518 | 03.12.2024 |
| Red Hat OpenShift AI 2.16 | registry.redhat.io/rhoai/odh-dashboard-rhel8 | Fixed | RHSA-2024:10852 | 05.12.2024 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.4 High
CVSS3
Связанные уязвимости
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
A flaw was found in pam_access, where certain rules in its configurati ...
A vulnerability was found in pam_access due to the improper handling of tokens in access.conf, interpreted as hostnames. This flaw allows attackers to bypass access restrictions by spoofing hostnames, undermining configurations designed to limit access to specific TTYs or services. The flaw poses a risk in environments relying on these configurations for local access control.
EPSS
7.4 High
CVSS3