Описание
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.7.0-5ubuntu1 |
| esm-infra-legacy/trusty | not-affected | see notes |
| esm-infra/bionic | not-affected | see notes |
| esm-infra/focal | not-affected | see notes |
| esm-infra/xenial | not-affected | see notes |
| focal | not-affected | see notes |
| jammy | not-affected | see notes |
| noble | released | 1.5.3-5ubuntu5.5 |
| oracular | ignored | end of life, was needed |
| plucky | released | 1.5.3-7ubuntu4.4 |
Показывать по
EPSS
7.4 High
CVSS3
Связанные уязвимости
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
A flaw was found in pam_access, where certain rules in its configurati ...
EPSS
7.4 High
CVSS3