Sun Solaris 8 PAM Session Evasion Vulnerability

Sun Solaris 8 PAM Session Evasion Vulnerability

Under some conditions, it may be possible for users of Solaris 8 to evade PAM session restrictions.

Reportedly, the pam_open_session() function call may fail with a segmentation fault if either of the variables PAM_RHOST or PAM_TTY are NULL. Exploitation may allow a user to avoid PAM session restrictions.