Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2003:017-1: pam Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the pam package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2003:017-1 (pam).
Andreas Beck discovered that the pam_xauth module would forward authorization
information from the root account to unprivileged users. This can be exploited
by a local attacker to gain access to the root user's X session. In order for it
to be successfully exploited, the attacker would have to somehow get the root
user to su to the account belonging to the attacker.
The previous fix was incorrect because certain applications, such as userdrake
and net_monitor, could not be executed as root, although they could be executed
as users who successfully authenticated as root.
Solution: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:017-1
Threat Level: High