
Solaris 2.x pam_ldap.so.1 null password hole
Vulnerability

    pam_ldap.so.1

Affected

    Solaris 2.x

Description

    Caleb David posted the following. The problem is that if you use
    this module for authentication, as configured in pam.conf per the
    pam_ldap manpage (for example), entering a NULL password is a
    quick way to get a login shell prompt. That is, entering a NULL
    password is technically equivalent to entering the correct
    password as far as this module is concerned. Providing an
    incorrect password (other than NULL, of course) or a valid
    password results in proper behavior.

    Using the pam_ldap module compiled from source code available at
    http://www.padl.com appears to work correctly, though Caleb only
    had time to test against the problem described above.
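    The following model is an added illustration and is not code from the advisory or from pam_ldap.so.1 itself. It assumes (the advisory does not state a root cause) that the behaviour comes from the LDAP "unauthenticated bind" rule, under which a simple bind with a DN but an empty password is not an error but an anonymous session, so a module that only checks whether the bind succeeded accepts a NULL password. The directory contents and the DN layout are constructed.

```python
# Added illustration, not the advisory's or pam_ldap's code.
# Assumption: the root cause is the LDAP unauthenticated-bind rule
# (RFC 4513 section 5.1.2): a simple bind with a DN and an EMPTY password
# succeeds as an anonymous session. A PAM module that only asks
# "did the bind succeed?" will therefore accept a NULL password.

# Constructed directory standing in for a real LDAP server: DN -> password.
DIRECTORY = {
    "uid=alice,ou=people,dc=example,dc=com": "s3cret!",
}


def ldap_simple_bind(dn: str, password: str) -> str:
    """Model of a server-side simple bind. Returns 'authenticated' or
    'anonymous', or raises PermissionError (invalidCredentials)."""
    if dn and password == "":
        # Unauthenticated bind: not an error, but the session is anonymous.
        return "anonymous"
    if DIRECTORY.get(dn) == password:
        return "authenticated"
    raise PermissionError("invalidCredentials")


def user_dn(user: str) -> str:
    return f"uid={user},ou=people,dc=example,dc=com"


def pam_authenticate_vulnerable(user: str, password: str) -> bool:
    """Mirrors the reported behaviour: success == 'the bind did not fail'."""
    try:
        ldap_simple_bind(user_dn(user), password)
        return True
    except PermissionError:
        return False


def pam_authenticate_fixed(user: str, password: str) -> bool:
    """Reject an empty password before binding, and require an
    authenticated (not anonymous) session afterwards."""
    if not password:
        return False
    try:
        return ldap_simple_bind(user_dn(user), password) == "authenticated"
    except PermissionError:
        return False
```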

Solution

    Sunsolve has bugid 4384816 on file regarding this issue. It's
    been known since 06-Nov-2000 with a status of 'Evaluated' but no
    workaround or other information, helpful or otherwise, posted as
    yet.
