Package name
Advisory ID
Affected versions
6.1 i586 , 6.0 i586 , 7.0 i586 , 7.1 i586

Problem description

A bug exists in two PAM modules: pam_smb and pam_ntdom. They are pluggable authentication modules that allow authentication of usernames and passwords in PAM-compatible environments against Windows and Samba. Both modules contain remotely exploitable stack buffer overflows. This bug allows an attacker to execute arbitary code as root. The versions affected are: pam_smb < 1.1.6 and pam_ntdom < 0.24. Linux-Mandrake does not ship with either the pam_smb or pam_ntdom modules and is therefore not vulnerable to this exploit. Linux-Mandrake users who have installed this package on their own are encouraged to upgrade to the latest versions available: pam_smb 1.1.6 at pam_ntdom 0.24 at

Updated packages

6.1 i586

 na 6.1/RPMS/na

6.0 i586

 na 6.0/RPMS/na

7.0 i586

 na 7.0/RPMS/na

7.1 i586

 na 7.1/RPMS/na