TROYANOSYVIRUS
Volver a CVEs

CVE-2006-0056

N/A

Descripcion

Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL.

Detalles CVE

Puntuacion CVSS v3.1N/A
Publicado2/13/2006
Ultima modificacion4/16/2026
Fuentenvd
Avistamientos honeypot0

Productos afectados

pam-mysql:pam-mysql

Debilidades (CWE)

CWE-119

Referencias

http://jvn.jp/cert/JVNVU%23693909/index.html(cret@cert.org)
http://secunia.com/advisories/18598(cret@cert.org)
http://secunia.com/advisories/20690(cret@cert.org)
http://securitytracker.com/id?1015603(cret@cert.org)
http://sourceforge.net/forum/forum.php?forum_id=499394(cret@cert.org)
http://www.gentoo.org/security/en/glsa/glsa-200606-18.xml(cret@cert.org)
http://www.kb.cert.org/vuls/id/693909(cret@cert.org)
http://www.osvdb.org/22994(cret@cert.org)
http://www.osvdb.org/22995(cret@cert.org)
http://www.securityfocus.com/bid/16564(cret@cert.org)
http://www.vupen.com/english/advisories/2006/0490(cret@cert.org)
http://jvn.jp/cert/JVNVU%23693909/index.html(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/18598(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/20690(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1015603(af854a3a-2127-422b-91ae-364da2661108)
http://sourceforge.net/forum/forum.php?forum_id=499394(af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200606-18.xml(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/693909(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/22994(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/22995(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/16564(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2006/0490(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.