CVE-2016-4422

Опубликовано: 06 мая 2016

Источник: ubuntu

Приоритет: high

CVSS2: 10

CVSS3: 9.8

Описание

The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.

Релиз	Статус	Примечание
devel	not-affected	0.4.1-2
esm-apps/xenial	released	0.3.1-1ubuntu2
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [0.3.1-1deb8u1build0.14.04.1]]
precise	ignored	end of life
precise/esm	DNE	precise was needs-triage
trusty	released	0.3.1-1deb8u1build0.14.04.1
trusty/esm	DNE	trusty was released [0.3.1-1deb8u1build0.14.04.1]
upstream	released	0.4.1-2
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE

Показывать по

Ссылки на источники

10 Critical

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2016-4422

CVSS3: 9.8

nvd

почти 10 лет назад

The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.

CVE-2016-4422

CVSS3: 9.8

debian

почти 10 лет назад

The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth mi ...

GHSA-c337-rr2j-g4h6

CVSS3: 9.8

github

больше 3 лет назад

The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.

10 Critical

CVSS2

9.8 Critical

CVSS3

CVE-2016-4422

Описание

Пакет libpam-sshauth

Ссылки на источники

Связанные уязвимости