CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : pam_smb SUMMARY : Buffer overflow DATE : 2000-09-11 18:53:00 RELEVANT RELEASES : 5.1
There is a buffer overflow in pam_smb versions 1.1.5 and below that
could be exploited to gain root privileges. This package is not
used by default in Conectiva Linux, but it is part of the
distribution. Remote root access could be gained if a vulnerable
pam_smb were to be used to authenticate users in remote services,
such as ssh, telnet and others.
SOLUTION All pam_smb users should upgrade immediately.
DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES
All packages are signed with Conectiva’s GPG key. The key can be
subscribe: [email protected]
unsubscribe: [email protected]