A bug exists in two PAM modules: pam_smb and pam_ntdom. They are
pluggable authentication modules that allow authentication of usernames
and passwords in PAM-compatible environments against Windows and Samba.
Both modules contain remotely exploitable stack buffer overflows. This
bug allows an attacker to execute arbitary code as root. The versions
affected are: pam_smb advisory is at LWN.net.
September 12, 2000