Описание
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.1.8-3.6ubuntu2.18.04.4 |
| devel | not-affected | code not present |
| esm-infra-legacy/trusty | released | 1.1.8-1ubuntu2.2+esm1 |
| esm-infra/bionic | released | 1.1.8-3.6ubuntu2.18.04.4 |
| esm-infra/focal | released | 1.3.1-5ubuntu4.4 |
| esm-infra/xenial | released | 1.1.8-3.2ubuntu2.3+esm2 |
| focal | released | 1.3.1-5ubuntu4.4 |
| jammy | released | 1.4.0-11ubuntu2.1 |
| kinetic | released | 1.5.2-2ubuntu1.1 |
| lunar | not-affected | code not present |
Показывать по
Ссылки на источники
EPSS
9.8 Critical
CVSS3
Связанные уязвимости
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows ...
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
Уязвимость функции pam_access.so модуля аутентификации Linux-PAM, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
9.8 Critical
CVSS3