[13660] in bugtraq


Re: RedHat 6.1 /and others/ PAM

daemon@ATHENA.MIT.EDU (Crashkiller)
Wed Feb 2 15:20:07 2000

Content-Type: text/plain; charset=US-ASCII
Mime-Version: 1.0
Content-Transfer-Encoding: 7BIT
Message-Id:  <00020113302000.00617@WusTanges.org>
Date:         Tue, 1 Feb 2000 13:26:41 +0100
Reply-To: pawq@kki.net.pl
From: Crashkiller <pawq@KKI.NET.PL>
X-To:         BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <lcamtuf.4.05.10001301212030.838-101000@nimue.ids.pl>

On Sun, 30 Jan 2000, you wrote:
>
> A vulnerability /feature?;)/ in PAM shipped with RedHat 6.1 allows
> attacker to perform rapid brute-force password cracking attack without any
> evidence in system logs.
>
> Exploit attached.
>
> Fix: do syslog() stuff before sleep() or change /bin/su behaviour in some
> other way.

Not true. It is already fixed in Red Hat 6.1 - pam-0.68-7.


--

Save YourSelf And Stay Cool
Crashkiller

+----------------------------------------------------------+
|  WWW  : blue.profex.com.pl/~pawq                         |
|  MAIL : pawq@blue.profex.com.pl  crashev@sys.com.pl      |
|         crashev@k9.team.com.pl   pawq@kki.net.pl         |
|  IRC  : nick crashkiller on #hackingpl #nokia-l          |
|         Polish Linux Userz Group / Plbugz Team           |
+----------------------------------------------------------+
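The ordering issue the quoted report describes, shown as an added example (this is not code from the original post, from PAM, or from su): a failed-authentication path that calls sleep() before it logs the failure can be killed during the delay, so the attempt never reaches the log, while logging before the delay closes that window. The failed attempt runs in a forked child, a pipe back to the parent stands in for syslogd, and the parent kills the child after 200 ms the way a brute-forcer racing the delay would. The user name "root", the log line text and all function names are placeholders chosen for the illustration.

```c
/* Added example, not part of the original post: the sleep()/syslog()
 * ordering race. A pipe to the parent stands in for syslogd; su and PAM
 * are not called. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>
#include <signal.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Stand-in for syslog(): write one audit line to the supervisor's pipe. */
static void log_failure(int fd, const char *user)
{
    char buf[64];
    int n = snprintf(buf, sizeof buf, "FAILED su for %s\n", user);
    if (n > 0)
        (void)write(fd, buf, (size_t)n);
}

/* Vulnerable order: delay the caller first, record the failure second.
 * An attacker who kills the process during the delay leaves no record. */
static void fail_sleep_then_log(int fd, const char *user)
{
    sleep(2);               /* window in which SIGKILL erases the attempt */
    log_failure(fd, user);
}

/* Fixed order (the fix suggested in the quoted report): record the
 * failure first, then impose the delay. Killing it no longer hides it. */
static void fail_log_then_sleep(int fd, const char *user)
{
    log_failure(fd, user);
    sleep(2);
}

/* Run one failed attempt in a child, kill it 200 ms in, and return 1 if a
 * log line made it out before the kill, 0 if not, -1 on setup error. */
static int attempt_and_kill(void (*path)(int, const char *))
{
    int p[2];
    if (pipe(p) != 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {                 /* child: the "su" being attacked */
        close(p[0]);
        path(p[1], "root");         /* placeholder user name */
        _exit(0);
    }
    close(p[1]);                    /* parent keeps only the read end */
    struct timespec delay = { 0, 200L * 1000L * 1000L };   /* 200 ms */
    nanosleep(&delay, NULL);
    kill(pid, SIGKILL);             /* the brute-forcer racing the delay */
    waitpid(pid, NULL, 0);
    char buf[128];
    ssize_t n = read(p[0], buf, sizeof buf - 1);   /* EOF if nothing logged */
    close(p[0]);
    if (n > 0) {
        buf[n] = '\0';
        printf("logged: %s", buf);
    }
    return n > 0 ? 1 : 0;
}

int logged_when_sleep_first(void) { return attempt_and_kill(fail_sleep_then_log); }
int logged_when_log_first(void)   { return attempt_and_kill(fail_log_then_sleep); }

int main(void)
{
    printf("sleep() before syslog(): %s\n",
           logged_when_sleep_first() ? "logged" : "NO RECORD");
    printf("syslog() before sleep(): %s\n",
           logged_when_log_first() ? "logged" : "NO RECORD");
    return 0;
}
```

Run it and the first path prints "NO RECORD" while the second prints the audit line: the only difference between the two is which side of the delay the log call sits on, which is why the ordering, not the delay itself, is the security-relevant property.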
