Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allow remote attackers to execute arbitrary commands via a login with a long user name.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| luke_kenneth_casson_leighton | pam_ntdom | 0.23 |
| dave_airlie | pam_smb | 1.1.5 |
Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| dave_airlie | pam_smb | 1.1 |
| dave_airlie | pam_smb | 1.1.3 |
| dave_airlie | pam_smb | 1.1.4 |
| dave_airlie | pam_smb | 2.0_rc4 |
| dave_airlie | pam_smb | 1.1.6 |
| redhat | pam_smb | 1.1.6-7 |
| redhat | pam_smb | 1.1.6-2 |
| dave_airlie | pam_smb | 1.1.2 |
| dave_airlie | pam_smb | 1.1.1 |
| redhat | pam_smb | 1.1.6-5 |
| dave_airlie | pam_smb | 1.1.5 |