oss-sec mailing list archives
Re: Heads up: PAM 1.5.0 has a auth bypass under some conditions
From: John Helmert III <jchelmert3 () posteo net>
Date: Tue, 24 Nov 2020 12:02:52 -0600
On Tue, Nov 24, 2020 at 07:20:21PM +0100, Marcus Meissner wrote:
Hi, (via IRC, spotted by Foxboron) PAM 1.5.0 had a potential auth bypass, if a user did not exist and the root password was empty (but root locked down). The reporters usecase was spammers pretending to be unknown users with a PAM enabled dovecot. This issue affected only pam 1.5.0. News entry: https://github.com/linux-pam/linux-pam/commit/28b8c7045ac8ea4ea080bce02a2df9e3b9e98f06 CVE-2020-27780 github issue reporting the problem: https://github.com/linux-pam/linux-pam/issues/284 Fixing commit: https://github.com/linux-pam/linux-pam/commit/af0faf666c5008e54dfe43684f210e3581ff1bca
It looks like that commit is in 1.5.0, and the issue was closed by commit 30fdfb9 (not af0faf6).
Attachment:
signature.asc
Description:
Current thread:
- Heads up: PAM 1.5.0 has a auth bypass under some conditions Marcus Meissner (Nov 24)
- Re: Heads up: PAM 1.5.0 has a auth bypass under some conditions John Helmert III (Nov 24)
- Re: Heads up: PAM 1.5.0 has a auth bypass under some conditions Érico Nogueira (Nov 24)
- Re: Heads up: PAM 1.5.0 has a auth bypass under some conditions Dmitry V. Levin (Nov 24)
- Re: Heads up: PAM 1.5.0 has a auth bypass under some conditions John Helmert III (Nov 24)