18 results (0.010 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. linux-pam (también conocido como Linux PAM) anterior a 1.6.0 permite a los atacantes provocar una denegación de servicio (proceso de inicio de sesión bloqueado) a través de mkfifo porque la llamada openat (para protect_dir) carece de O_DIRECTORY. A vulnerability was found in Linux PAM. An unprivileged user that is not yet in a corresponding mount namespace with ~/tmp mounted as a polyinstantiated dir can place a FIFO there, and a subsequent attempt to login as this user with `pam_namespace` configured will cause the `openat()` in `protect_dir()` to block the attempt, causing a local denial of service. • http://www.openwall.com/lists/oss-security/2024/01/18/3 https://github.com/linux-pam/linux-pam https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0 https://access.redhat.com/security/cve/CVE-2024-22365 https://bugzilla.redhat.com/show_bug.cgi?id=2257722 • CWE-277: Insecure Inherited Permissions •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream. El paquete Linux-PAM versiones anteriores a 1.5.2-6.1 para openSUSE Tumbleweed, permite omitir la autenticación en los inicios de sesión SSH. • http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src https://bugzilla.suse.com/show_bug.cgi?id=1197654 https://www.suse.com/security/cve/CVE-2022-28321.html • CWE-287: Improper Authentication •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate. Se encontró un fallo en Linux-Pam en versiones anteriores a 1.5.1 en la manera en que maneja contraseñas vacías para usuarios inexistentes. Cuando el usuario no existe, PAM intenta autenticarse con root y en el caso de una contraseña vacía, es autenticado con éxito • https://bugzilla.redhat.com/show_bug.cgi?id=1901094 • CWE-287: Improper Authentication •

CVSS: 9.3EPSS: 0%CPEs: 3EXPL: 0

A incorrect variable in a SUSE specific patch for pam_access rule matching in PAM 1.3.0 in openSUSE Leap 15.0 and SUSE Linux Enterprise 15 could lead to pam_access rules not being applied (fail open). Una variable incorrecta en un parche específico de SUSE para la coincidencia de reglas pam_access en PAM 1.3.0 en openSUSE Leap 15.0 y SUSE Linux Enterprise 15 podría conducir a que las reglas de pam_access no se apliquen (fail open). • https://bugzilla.suse.com/show_bug.cgi?id=1115640 • CWE-284: Improper Access Control •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 2

The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password. Vulnerabilidad en la función _unix_run_helper_binary en el módulo pam_unix en Linux-PAM (también conocido como pam) en versiones anteriores a 1.2.1, cuando no es posible acceder directamente a las contraseñas, permite a usuarios locales enumerar los nombres de usuario o causar una denegación de servicio (colgado) a través de una contraseña larga. It was discovered that the _unix_run_helper_binary() function of PAM's unix_pam module could write to a blocking pipe, possibly causing the function to become unresponsive. An attacker able to supply large passwords to the unix_pam module could use this flaw to enumerate valid user accounts, or cause a denial of service on the system. • http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html http://rhn.redhat.com/errata/RHSA-2015-1640.html http://www.openwall.com/lists/oss-security/2015/06/25/13 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html http://www.securityfocus.com/bid/75428 http://www.ubuntu.com/usn/USN-2935-1 http://www.ubuntu.com/usn/USN-2935-2 http://www.ubuntu.co • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •