The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.
References
Link | Resource |
---|---|
http://www.debian.org/security/2016/dsa-3567 | Third Party Advisory |
https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/114#src/pam_sshauth.c | Broken Link |
Configurations
History
05 Apr 2021, 11:35
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:libpam-sshauth_project:libpam-sshauth:-:*:*:*:*:*:*:* | |
References | (DEBIAN) http://www.debian.org/security/2016/dsa-3567 - Third Party Advisory | |
References | (CONFIRM) https://bazaar.launchpad.net/~ltsp-upstream/ltsp/libpam-sshauth/revision/114#src/pam_sshauth.c - Broken Link |
Information
Published : 2016-05-06 17:59
Updated : 2023-12-10 11:46
NVD link : CVE-2016-4422
Mitre link : CVE-2016-4422
CVE.ORG link : CVE-2016-4422
JSON object : View
Products Affected
debian
- debian_linux
libpam-sshauth_project
- libpam-sshauth
CWE
CWE-287
Improper Authentication