OSVDB ID: 22995

Title: PAM-MySQL Authentication pam_get_item() Function Unspecified Privilege Escalation

Info

Disclosure

Sep 28, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

PAM-MySQL contains a flaw that may allow a malicious user to cause a double-free in the pam_get_item function. The issue is triggered when a malicious user sends crafted authentication credentials. It is possible that the flaw may cause the PAM-MySQL process to crash or allow arbitrary code execution resulting in a loss of integrity or availability.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Integrity, Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 0.6.2 or 0.7pre3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

PAM-MySQL Developers	PAM-MySQL	0.6.1
		0.7pre2

References

Security Tracker: 1015603
Secunia Advisory ID: 18598 20690
CVE ID: 2006-0056 (see also: NVD)
Related OSVDB ID: 22994
CERT VU: 693909
Other Advisory URL: http://jvn.jp/cert/JVNVU%23693909/index.html
http://www.gentoo.org/security/en/glsa/glsa-200606-18.xml
Vendor Specific Advisory URL: http://pam-mysql.sourceforge.net/News/00005.php
Vendor Specific News/Changelog Entry: http://sourceforge.net/forum/forum.php?forum_id=499394

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/22995

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

PAM-MySQL Developers

PAM-MySQL

References

Credit