Mandrake Linux Security Advisory : pam (MDKSA-2000:029)

high Nessus Plugin ID 61826

Synopsis

The remote Mandrake Linux host is missing one or more security updates.

Description

The pam_console module incorrectly identifies remote X logins on displays other than :0 (for example, :1, :2, etc.) as local displays, and so gives control of the console to the remote user. Because the remote user has control of the console, they are able to issue commands to reboot the remote system after providing their password. Please note that this vulnerability is only exploitable if the system is running a graphical login manager such as gdm, kdm, or xdm, and if XDMCP is enabled and remote access is granted. Users are strongly advised to upgrade to this version, which fixes the vulnerability (thanks to Red Hat).

Solution

Update the affected pam, pam-devel and/or pam-doc packages.

Plugin Details

Severity: High

ID: 61826

File Name: mandrake_MDKSA-2000-029.nasl

Version: 1.6

Type: local

Published: 9/6/2012

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/o:mandrakesoft:mandrake_linux:7.0, cpe:/o:mandrakesoft:mandrake_linux:7.1, p-cpe:/a:mandriva:linux:pam, p-cpe:/a:mandriva:linux:pam-devel, p-cpe:/a:mandriva:linux:pam-doc, cpe:/o:mandrakesoft:mandrake_linux:6.0, cpe:/o:mandrakesoft:mandrake_linux:6.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 8/1/2000

Reference Information

MDKSA: 2000:029