Bugtraq mailing list archives
Re: pam question
From: Andreas Hasenack <andreas () CONECTIVA COM BR>
Date: Wed, 2 Aug 2000 09:44:57 -0300
On Mon, Jul 31, 2000 at 07:50:45PM -0400, Vincent Danen wrote:

> Hi there. I have a question about the security exploits in pam that Conectiva and RedHat announced. Does anyone know what version the exploit first appeared in? Specifically, I'm wondering if versions 0.66 and 0.68 are afflicted with this exploit.
pam_console is the affected module. As stated in the advisories, if you:

- login remotely (X -broadcast) (have gdm, kdm, whatever running with XDMCP enabled somewhere)
- after login, start Xnest with -broadcast again, for example
- login again, now you will be using display :1
- this is treated as a console user, and commands only available to console users can be run, such as reboot.

I have tried this from versions 0.66 through 0.72 (unpatched) and the problem exists in those.

There is a problem with versioning with this package, though. The fixed version has the exact same version number as the previous one, not even a patch: it's just repackaged in the tarball. Pristine sources?

--
Andreas Hasenack
andreas () conectiva com br
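Editor's note: the walk-through below is an added illustration and is not code from the post, from pam_console, or from the advisories. It models why the two-step login above ends up with console privileges: a pam_console-style check classifies a session purely from the string passed as PAM_TTY. The glob patterns are an assumption loosely modelled on the `<console>` class of /etc/security/console.perms (virtual terminals and local X display numbers), and the assumption that gdm/kdm pass the X display name as the PAM tty is also mine. The first XDMCP login carries a remote display name (`host:0`) and is classified as remote; the Xnest started inside that session creates a local display `:1`, and the second login against it is classified as console, even though it was reached from a remote host.

```python
import fnmatch

# Assumed console-class patterns, modelled on the <console> entries of
# /etc/security/console.perms (not the real file contents): virtual
# terminals plus local X display numbers with and without a screen suffix.
CONSOLE_PATTERNS = ("tty[0-9]*", ":[0-9].[0-9]", ":[0-9]")


def is_console(pam_tty):
    """Purely lexical test: does the PAM_TTY string look like a local console?

    Nothing here verifies where the session actually originated; a display
    number that merely *looks* local is enough to pass.
    """
    return any(fnmatch.fnmatchcase(pam_tty, pat) for pat in CONSOLE_PATTERNS)


def classify_session(pam_tty):
    """Return the privilege class a pam_console-style module would assign."""
    return "console" if is_console(pam_tty) else "remote"


def walk_through(remote_display="attacker.example:0", nested_display=":1"):
    """Replay the two logins from the post and return their classifications.

    Both display names are constructed sample values.
    Step 1: XDMCP login from a remote X server; the display manager is assumed
            to pass the display name (host:0) as the PAM tty.
    Step 2: inside that session, `Xnest -broadcast` starts a local display
            (:1) and performs a second XDMCP login against it, so PAM now sees
            ":1" as the tty.
    """
    first = classify_session(remote_display)
    second = classify_session(nested_display)
    return first, second


if __name__ == "__main__":
    first, second = walk_through()
    print("XDMCP login from remote display :", first)
    print("second login via local Xnest    :", second)
```

The lesson for anyone writing a similar check: a tty or display name is an identifier chosen by whoever created the session, not evidence of physical presence, so console privileges have to be tied to something the remote user cannot manufacture.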
Current thread:
- pam question Vincent Danen (Aug 01)
- Re: pam question Andreas Hasenack (Aug 02)
- Re: pam question Wichert Akkerman (Aug 03)