PT-2006-6366 · Unknown · Pam Extern

Published

2006-11-03

Updated

2017-07-20

CVE-2006-5659

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: PAM extern versions prior to 0.2

Description: The issue allows local users to obtain a password by listing command line arguments, such as using the ps command. This occurs because the password is sent as a command line argument.

Recommendations: For versions prior to 0.2, update to version 0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to command line argument listings to minimize the risk of password exposure.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5659

Affected Products

Pam Extern

PT-2006-6366 · Unknown · Pam Extern

CVE-2006-5659

Related Identifiers

Affected Products

References · 3