oss-sec mailing list archives
Minor security flaw with pam_xauth
From: Tim Brown <timb () nth-dimension org uk>
Date: Mon, 16 Aug 2010 12:05:13 +0100
Here's another bug where privileged code isn't checking the return value from setuid():

http://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663

I don't think this needs a CVE as I haven't found a useful way to exploit it but maybe someone on here will spot something I've missed. Either way, I would have thought it should be fixed.

Tim

PS Is it just me or is "I fail to see how RLIMIT_NPROC should have any affect on setuid." in the comments a touch disconcerting given that it's from the PAM maintainer?
--
Tim Brown
<mailto:timb () nth-dimension org uk>
<http://www.nth-dimension.org.uk/>