Описание
pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | not-affected | 1.0.1-10ubuntu1 |
| hardy | not-affected | |
| intrepid | released | 1.0.1-4ubuntu5.6 |
| jaunty | released | 1.0.1-9ubuntu1.1 |
| upstream | released | 1.0.1-10 |
Показывать по
EPSS
9.3 Critical
CVSS2
Связанные уязвимости
pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication.
pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GN ...
pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication.
EPSS
9.3 Critical
CVSS2