|
|
Family: Debian Local Security Checks --> Category: infos
[DSA374] DSA-374-1 libpam-smb Vulnerability Scan
Vulnerability Scan Summary
DSA-374-1 libpam-smb
Detailed Explanation for this Vulnerability Test
libpam-smb is a PAM authentication module which makes it possible to
authenticate users against a password database managed by Samba or a
Microsoft Windows server. If a long password is supplied, this can
cause a buffer overflow which could be exploited to execute arbitrary
code with the rights of the process which invokes PAM services.
For the stable distribution (woody) this problem has been fixed in
version 1.1.6-1.1woody1.
The unstable distribution (sid) does not contain a libpam-smb
package.
We recommend that you update your libpam-smb package.
Solution : http://www.debian.org/security/2003/dsa-374
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
