Ubuntu Security Notice USN-2935-1

Discussion in 'News Aggregator' started by Packet Storm, 17 Mar 2016.

  1. Packet Storm

    Packet Storm Guest

    Ubuntu Security Notice 2935-1 - It was discovered that the PAM pam_userdb module incorrectly used a case-insensitive method when comparing hashed passwords. A local attacker could possibly use this issue to make brute force attacks easier. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Sebastian Krahmer discovered that the PAM pam_timestamp module incorrectly performed filtering. A local attacker could use this issue to create arbitrary files, or possibly bypass authentication. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.

    Continue reading...
     
    #1 Packet Storm, 17 Mar 2016
(You must log in or sign up to post here.)

Share This Page

Loading...