Vulnerabilities

CVE-2009-3232

by Fred · 17/09/2009

pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication.

Date published : 2009-09-17

http://www.securityfocus.com/bid/36306

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927

Similar

Tags: Cybersecurity Alert