The PAM module (and server) pam_smb allows users of Linux systems to be authenticated by querying an NT server. Dave Airlie <airlied@xxxxxxxxx> informed us about a bug in the authentication code of pam_smb that allows a remote attacker to gain access to a system using pam_smb by issuing a too long password string.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 7.2 | i386 | pam_smb | < 1.1.6-500 | pam_smb-1.1.6-500.i386.rpm |
openSUSE | 8.2 | i586 | pam_smb | < 1.1.6-501 | pam_smb-1.1.6-501.i586.rpm |
openSUSE | 7.3 | sparc | pam_smb | < 1.1.6-147 | pam_smb-1.1.6-147.sparc.rpm |
openSUSE | 8.1 | i586 | pam_smb | < 1.1.6-500 | pam_smb-1.1.6-500.i586.rpm |
openSUSE | 7.3 | ppc | pam_smb | < 1.1.6-328 | pam_smb-1.1.6-328.ppc.rpm |
openSUSE | 8.0 | i386 | pam_smb | < 1.1.6-500 | pam_smb-1.1.6-500.i386.rpm |
openSUSE | 7.3 | i386 | pam_smb | < 1.1.6-501 | pam_smb-1.1.6-501.i386.rpm |