October 18, 2001

Trustix Secure Linux: Util-linux update

Author: JT Smith

From Net-security.org: "The 'login' program in util-linux stored the user's
credentials in a static buffer that could later be reused
in other PAM calls issued on behalf of other users. This
could lead to a user gaining access to other accounts.

Note that this is not possible by default."

Category:

  • Linux
Click Here!