Author: JT Smith
Help Net Security posts information regarding vulnerabilities in PAM and NSS modules using a PostgreSQL database: “The attack can execute arbitrary SQL statements under the database user used for
querying the PostgreSQL database. Responses from the database backend can be
faked. Exploiting the vulnerability in a PAM module, an attacker might gain unauthorized
access. The possibilities of an attacker facing a vulnerable NSS module depend heavily
on the system configuration and the offered services.”
querying the PostgreSQL database. Responses from the database backend can be
faked. Exploiting the vulnerability in a PAM module, an attacker might gain unauthorized
access. The possibilities of an attacker facing a vulnerable NSS module depend heavily
on the system configuration and the offered services.”
Category:
- Linux
