Bugtraq mailing list archives

Re: pam question

From: Andreas Hasenack <andreas () CONECTIVA COM BR>
Date: Wed, 2 Aug 2000 09:44:57 -0300

Em Mon, Jul 31, 2000 at 07:50:45PM -0400, Vincent Danen escreveu:

Hi there.  I have a question about the security explots in pam that
Connectiva and RedHat announced.  Does anyone know what version the
exploit first appeared in?  Specifically, I'm wondering if versions
0.66 and 0.68 are afflicted with this exploit.


pam_console is the affected module. As stated in the advisories, if
you:
- login remotely (X -broadcast) (have gdm, kdm, whatever running
with XDMCP enabled somewhere)
- after login, start Xnest with -broadcast again, for example
- login again, now you will be using display :1
- this is treated as a console user, and commands only available
  to console users can be run, such as reboot.

I have tried this from versions 0.66 through 0.72 (unpatched) and
the problem exists in those.

There is a problem with versioning with this package, though. 
The fixed version has the exact same version number as the previous 
one, not even a patch: it's just repackaged in the tar ball. 
Pristine sources?

-- 
Andreas Hasenack
andreas () conectiva com br

Attachment: _bin
Description:

Current thread:

pam question Vincent Danen (Aug 01)
- Re: pam question Andreas Hasenack (Aug 02)
- Re: pam question Wichert Akkerman (Aug 03)