oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE Request -- pam

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Thu, 05 Mar 2009 10:55:53 +0100
Hello Steve,

  Marcus Granado recently reported a security issue in 
libpam related to parsing of non-ascii usernames in
the Pam configuration files. Attaching his report for
more details.

Affected version: pam <= 1.0.3

Link to SCM repo: http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?view=log
Patch: http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?r1=1.9&amp;r2=1.10&amp;view=patch


Could you please allocate a new CVE id for it?

Thanks && regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Attachment: pam_misc.txt
Description:

Previous By Date Next
Previous By Thread Next

Current thread: