oss-sec mailing list archives

CVE request: pam_shield


From: Jonathan Niehof <jtniehof () gmail com>
Date: Fri, 11 May 2012 14:04:43 -0600

Requestor: Jonathan Niehof, jtniehof () gmail com
package: pam_shield, http://www.heiho.net/pam_shield/index.html

Type of vulnerability:
This utility is intended to block IP addresses showing suspicious
behaviour, to disarm a potential attack. In versions before 0.9.4, if
configuration option "allow_missing_dns" is set to no, it performs no
blocking. This setting is used in the example configuration file,
which is installed by default in Debian. Thus, systems using the
suggested or default configuration receive no protection.

This vulnerability provides no vector for an attacker, local or
remote, to gain any privileges. It simply fails to provide the
intended protection.

Mainline fix: https://github.com/walterdejong/pam_shield/commit/afa7b246018787fe6028289c414c33292641e1e0
Debian bug report and fix:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658830

Vulnerable versions: mainline up to and including 0.9.3. Debian up to
and including 0.9.2-3.2.
First fixed versions: mainline 0.9.4. Debian 0.9.2-3.3.


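A defender-side audit check for the condition described above, added here as an example and not part of the request or of pam_shield's own code: it reads a shield.conf (assumed to use one "key value" directive per line, with "#" comments) and flags installs at or below the vulnerable versions quoted in the request where allow_missing_dns is set to no, i.e. installs that silently perform no blocking.

```python
# Last versions in which allow_missing_dns=no disables blocking (from the request).
LAST_VULNERABLE = {"mainline": "0.9.3", "debian": "0.9.2-3.2"}

# Constructed sample shield.conf, mirroring the example configuration the
# request says ships with allow_missing_dns set to no.
SAMPLE_CONF = """\
# shield.conf (constructed sample)
block all-users
allow_missing_dns no      # example config value that disables blocking
max_conns 10
interval 60s
retention 1w
"""


def parse_version(version):
    """Turn '0.9.2-3.2' into ((0, 9, 2), (3, 2)) so versions compare numerically.

    Mainline versions have no Debian revision, so the second tuple is empty.
    """
    upstream, _, revision = version.partition("-")
    up = tuple(int(x) for x in upstream.split("."))
    rev = tuple(int(x) for x in revision.split(".")) if revision else ()
    return (up, rev)


def parse_shield_conf(text):
    """Parse assumed 'key value' lines; a '#' starts a comment, blank lines are skipped."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split(None, 1)
        conf[fields[0]] = fields[1].strip() if len(fields) > 1 else ""
    return conf


def blocking_ineffective(conf_text, version, origin="mainline"):
    """True when this pam_shield version plus config yields no blocking at all.

    origin selects which version line applies: 'mainline' (fixed in 0.9.4)
    or 'debian' (fixed in 0.9.2-3.3).
    """
    if parse_version(version) > parse_version(LAST_VULNERABLE[origin]):
        return False  # fixed release: the setting no longer disables blocking
    conf = parse_shield_conf(conf_text)
    return conf.get("allow_missing_dns", "").lower() == "no"
```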