PT-2008-3472 · Linux PAM · pam_succeed_if.so

Published: 2008-07-24 · Updated: 2017-09-29 · CVE-2008-1946

CVSS v2.0: 4.4 (Medium)

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

GNU coreutils version 5.2.1

Description

The default configuration of su in /etc/pam.d/su allows local users to gain the privileges of a locked or expired account by entering the account name on the command line. This issue is related to the improper use of the pam_succeed_if.so module.

Recommendations

For GNU coreutils version 5.2.1, consider modifying the /etc/pam.d/su configuration to properly handle locked or expired accounts, ensuring that the pam_succeed_if.so module is used correctly to prevent unauthorized privilege escalation.

Related Identifiers

CVE-2008-1946
RHSA-2008:0780
RHSA-2008_0780

Affected Products

GNU Coreutils
Red Hat
pam_succeed_if.so