CVE-2006-7108

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2006-7108
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-7108.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2006-7108
Published
2007-03-04T22:19:00Z
Modified
2024-11-21T00:24:24Z
Summary
[none]
Details

login in util-linux-2.12a skips pamacctmgmt and chauthtok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pamacctmgmt and chauthtok.

References

Affected packages

Debian:11 / util-linux

Package

Name
util-linux
Purl
pkg:deb/debian/util-linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.17.2-9

Ecosystem specific 

{
    "urgency": "unimportant"
}

Debian:12 / util-linux

Package

Name
util-linux
Purl
pkg:deb/debian/util-linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.17.2-9

Ecosystem specific 

{
    "urgency": "unimportant"
}

Debian:13 / util-linux

Package

Name
util-linux
Purl
pkg:deb/debian/util-linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.17.2-9

Ecosystem specific 

{
    "urgency": "unimportant"
}