Hey there,
I'm currently mining CVEs because of this bug. Since you have it as a comment in your source I mention it here. Not checking pam-handles with pam_acct_mgmt after pam_authenticate allows non authorized accounts to login.
|
/* TODO: consider pam_acct_mgmt */ |
Hey there,
I'm currently mining CVEs because of this bug. Since you have it as a comment in your source I mention it here. Not checking pam-handles with pam_acct_mgmt after pam_authenticate allows non authorized accounts to login.
libinfinity/infinoted/infinoted-pam.c
Line 286 in 00b0c5c