Описание
Security update for pam-modules
This update for pam-modules fixes the following security issue:
- CVE-2011-3172: Ensure that unix2_chkpwd calls pam_acct_mgmt to prevent usage of locked accounts (bsc#707645).
Список пакетов
SUSE Linux Enterprise Server 11 SP4
pam-modules-11-1.27.3.1
pam-modules-32bit-11-1.27.3.1
pam-modules-x86-11-1.27.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
pam-modules-11-1.27.3.1
pam-modules-32bit-11-1.27.3.1
pam-modules-x86-11-1.27.3.1
Ссылки
- Link for SUSE-SU-2018:1760-1
- E-Mail link for SUSE-SU-2018:1760-1
- SUSE Security Ratings
- SUSE Bug 707645
- SUSE CVE CVE-2011-3172 page
Описание
A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE Linux Enterprise: versions prior to 12.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:pam-modules-11-1.27.3.1
SUSE Linux Enterprise Server 11 SP4:pam-modules-32bit-11-1.27.3.1
SUSE Linux Enterprise Server 11 SP4:pam-modules-x86-11-1.27.3.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4:pam-modules-11-1.27.3.1
Ссылки
- CVE-2011-3172
- SUSE Bug 1149683
- SUSE Bug 707645