Secunia
Login
|
|
CVE Reference: CVE-2010-0833 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2010-0833 |
|
|
Description: The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, as used in HP StorageWorks X9000 Network Storage Systems and possibly other products, uses "SetPassword logic" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired. |
|
|
CVE Status: Candidate |
|
|
References: UBUNTU http://www.ubuntu.com/usn/USN-964-1 ST 1025031 SAID Secunia Advisory: SA40725 Secunia Advisory: SA40736 Secunia Advisory: SA43244 HP http://marc.info/?l=bugtraq&m=129719002806096&w=2 CONFIRM http://www.likewise.com/community/index.php/forums/viewthread/772/ BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/512643/100/0/threaded |
|
| Return to the previous page. |
