Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: pam question
From: Wichert Akkerman <wichert () CISTRON NL>
Date: Thu, 3 Aug 2000 15:02:19 +0200
Previously Vincent Danen wrote:

Hi there.  I have a question about the security explots in pam that
Connectiva and RedHat announced.  Does anyone know what version the
exploit first appeared in?  Specifically, I'm wondering if versions
0.66 and 0.68 are afflicted with this exploit.


They are and they are not: pam_console is a redhat addition to the
PAM sourcecode. So the official PAM release are not affected at all,
but the redhat packaged version of PAM with the pam_console addition
is.

Wichert.

-- 
  _________________________________________________________________
 / Generally uninteresting signature - ignore at your convenience  \
| wichert () wiggy net                   http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Attachment: _bin
Description:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]