Ubuntu Security Notice (C) 2010-2013 Canonical, Inc. / NASL script (C) 2010-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing a security-related patch.
USN-955-1 fixed vulnerabilities in OPIE. This update provides rebuilt
libpam-opie packages against the updated libopie library.
Maksymilian Arciemowicz and Adam Zabrocki discovered that OPIE
incorrectly handled long usernames. A remote attacker could exploit
this with a crafted username and make applications linked against
libopie crash, leading to a denial of service.
Update the affected libpam-opie package.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.3
Public Exploit Available : true