September 11, 2001

Vulnerabilities in PAM and NSS modules

Author: JT Smith

Help Net Security posts information regarding vulnerabilities in PAM and NSS modules using a PostgreSQL database: "The attack can execute arbitrary SQL statements under the database user used for
querying the PostgreSQL database. Responses from the database backend can be
faked. Exploiting the vulnerability in a PAM module, an attacker might gain unauthorized
access. The possibilities of an attacker facing a vulnerable NSS module depend heavily
on the system configuration and the offered services."


  • Linux
Click Here!