Bugtraq mailing list archives

Re: pam question

From: Wichert Akkerman <wichert () CISTRON NL>
Date: Thu, 3 Aug 2000 15:02:19 +0200

Previously Vincent Danen wrote:

Hi there.  I have a question about the security explots in pam that
Connectiva and RedHat announced.  Does anyone know what version the
exploit first appeared in?  Specifically, I'm wondering if versions
0.66 and 0.68 are afflicted with this exploit.


They are and they are not: pam_console is a redhat addition to the
PAM sourcecode. So the official PAM release are not affected at all,
but the redhat packaged version of PAM with the pam_console addition
is.

Wichert.

-- 
  _________________________________________________________________
 / Generally uninteresting signature - ignore at your convenience  \
| wichert () wiggy net                   http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Attachment: _bin
Description:

Current thread:

pam question Vincent Danen (Aug 01)
- Re: pam question Andreas Hasenack (Aug 02)
- Re: pam question Wichert Akkerman (Aug 03)