Lucene search
PRIOn knowledge basePRION:CVE-2011-4120HistoryNov 26, 2019 - 5:15 a.m.
Design/Logic Flaw
2019-11-2605:15:00
PRIOn knowledge base
www.prio-n.com
1
Yubico PAM Module before 2.10 performed user authentication when ‘use_first_pass’ PAM configuration option was not used and the module was configured as ‘sufficient’ in the PAM configuration. A remote attacker could use this flaw to circumvent common authentication process and obtain access to the account in question by providing a NULL value (pressing Ctrl-D keyboard sequence) as the password string.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 8.0 | |
| debian_linux | eq | 9.0 | |
| debian_linux | eq | 10.0 | |
| pam_module | lt | 2.10 |
Related
openvas
openvas
Fedora Update for pam_yubico FEDORA-2011-15580
2012-04-02 00:00:00
Fedora Update for yubikey-val FEDORA-2011-15580
2012-03-19 00:00:00
Fedora Update for ykclient FEDORA-2011-15580
2012-04-02 00:00:00
debiancve
debiancve
CVE-2011-4120
2019-11-26 05:15:13
nvd
nvd
CVE-2011-4120
2019-11-26 05:15:13
nessus
nessus
cve
cve
CVE-2011-4120
2019-11-26 05:15:13
fedora
fedora
[SECURITY] Fedora 16 Update: ykclient-2.6-1.fc16
2011-12-12 21:54:44
[SECURITY] Fedora 16 Update: pam_yubico-2.8-1.fc16
2011-12-12 21:54:44
[SECURITY] Fedora 16 Update: yubikey-val-2.10-1.fc16
2011-12-12 21:54:44
cvelist
cvelist
CVE-2011-4120
2019-11-26 04:17:52