Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1
CVE-2024-47191
- EPSS 0.09%
- Published 09.10.2024 05:15:13
- Last modified 21.11.2024 09:39:30
pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as root, it mishandles usersfile access, such as by calling fchown in the presence of a symlink.
4.9
CVE-2013-7322
- EPSS 0.38%
- Published 09.03.2014 13:16:56
- Last modified 12.04.2025 10:46:40
usersfile.c in liboath in OATH Toolkit before 2.4.1 does not properly handle lines containing an invalid one-time-password (OTP) type and a user name in /etc/users.oath, which causes the wrong line to be updated when invalidating an OTP and allows co...
1