• info
• discussion
• exploit
• solution
• references

Linux-PAM Configuration File Non-ASCII User Name Handling Local Privilege Escalation Vulnerability

Solution:
Updates are available. Please see the references for more information.


MandrakeSoft Linux Mandrake 2008.1 x86_64

• Mandriva lib64pam-devel-0.99.8.1-8.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-0.99.8.1-8.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-doc-0.99.8.1-8.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pam0-0.99.8.1-8.1mdv2008.1.x86_64.rpm
  http://www.mandriva.com/en/download/

MandrakeSoft Linux Mandrake 2008.1

• Mandriva pam-doc-0.99.8.1-8.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpam0-0.99.8.1-8.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-0.99.8.1-8.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpam-devel-0.99.8.1-8.1mdv2008.1.i586.rpm
  http://www.mandriva.com/en/download/

MandrakeSoft Linux Mandrake 2008.0 x86_64

• Mandriva pam-0.99.8.1-6.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pam0-0.99.8.1-6.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pam-devel-0.99.8.1-6.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-doc-0.99.8.1-6.1mdv2008.0.x86_64.rpm
  http://www.mandriva.com/en/download/

MandrakeSoft Linux Mandrake 2008.0

• Mandriva pam-0.99.8.1-6.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpam0-0.99.8.1-6.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpam-devel-0.99.8.1-6.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-doc-0.99.8.1-6.1mdv2008.0.i586.rpm
  http://www.mandriva.com/en/download/

MandrakeSoft Linux Mandrake 2009.0

• Mandriva libpam-devel-0.99.8.1-16.1mdv2009.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpam0-0.99.8.1-16.1mdv2009.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-doc-0.99.8.1-16.1mdv2009.0.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-0.99.8.1-16.1mdv2009.0.i586.rpm
  http://www.mandriva.com/en/download/

MandrakeSoft Corporate Server 4.0

• Mandriva libpam0-devel-0.77-31.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpwdb0-0.62-2.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpwdb0-devel-0.62-2.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva cracklib-dicts-2.8.3-1.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libcrack2-2.8.3-1.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-doc-0.77-31.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpwdb0-static-devel-0.62-2.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpam0-0.77-31.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libcrack2-devel-2.8.3-1.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-0.77-31.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pwdb-conf-0.62-2.1.20060mlcs4.i586.rpm
  http://www.mandriva.com/en/download/

MandrakeSoft Linux Mandrake 2009.0 x86_64

• Mandriva lib64pam-devel-0.99.8.1-16.1mdv2009.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-0.99.8.1-16.1mdv2009.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-doc-0.99.8.1-16.1mdv2009.0.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pam0-0.99.8.1-16.1mdv2009.0.x86_64.rpm
  http://www.mandriva.com/en/download/

Linux-PAM Linux-PAM 1.0.3

• Linux-PAM Linux-PAM-1.0.4.tar.bz2
  http://www.kernel.org/pub/linux/libs/pam/library/Linux-PAM-1.0.4.tar.b z2

MandrakeSoft Multi Network Firewall 2.0

• Mandriva libpam0-devel-0.77-12.2.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-doc-0.77-12.2.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-0.77-12.2.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpam0-0.77-12.2.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/

MandrakeSoft Corporate Server 3.0 x86_64

• Mandriva pam-doc-0.77-12.2.C30mdk.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pam0-0.77-12.2.C30mdk.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pam0-devel-0.77-12.2.C30mdk.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-0.77-12.2.C30mdk.x86_64.rpm
  http://www.mandriva.com/en/download/

MandrakeSoft Corporate Server 3.0

• Mandriva pam-doc-0.77-12.2.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpam0-0.77-12.2.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva libpam0-devel-0.77-12.2.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-0.77-12.2.C30mdk.i586.rpm
  http://www.mandriva.com/en/download/

MandrakeSoft Corporate Server 4.0 x86_64

• Mandriva lib64crack2-devel-2.8.3-1.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64crack2-2.8.3-1.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva cracklib-dicts-2.8.3-1.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pam0-devel-0.77-31.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pwdb0-static-devel-0.62-2.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pwdb0-0.62-2.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pam0-0.77-31.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-0.77-31.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pam-doc-0.77-31.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva pwdb-conf-0.62-2.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/


• Mandriva lib64pwdb0-devel-0.62-2.1.20060mlcs4.x86_64.rpm
  http://www.mandriva.com/en/download/