September 12, 2000

Linux-Mandrake security advisory

Author: JT Smith

A bug exists in two PAM modules: pam_smb and pam_ntdom. They are
pluggable authentication modules that allow authentication of usernames
and passwords in PAM-compatible environments against Windows and Samba.
Both modules contain remotely exploitable stack buffer overflows. This
bug allows an attacker to execute arbitary code as root. The versions
affected are: pam_smb advisory is at


  • Linux
Click Here!