Mandrake Linux Security Advisory : pam (MDKSA-2000:029)

High Nessus Plugin ID 61826


The remote Mandrake Linux host is missing one or more security updates.


There is a problem with the pam_console module that incorrectly identifies remote X logins for displays other than :0 (for example, :1, :2, etc.) as being local displays, thus giving control of the console to the remote user. Because the remote user has control of the console they are able to issue commands to reboot the remote system after providing their password. Please note that this vulnerability is only exploitable if the system is running a graphical login manager like gdm, kdm, or xdm and if XDMCP is enabled and remote access is granted. Users are highly recommended to upgrade to this version which fixes the exploit (thanks to RedHat).


Update the affected pam, pam-devel and / or pam-doc packages.

Plugin Details

Severity: High

ID: 61826

File Name: mandrake_MDKSA-2000-029.nasl

Version: $Revision: 1.3 $

Type: local

Published: 2012/09/06

Modified: 2013/05/31

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:pam, p-cpe:/a:mandriva:linux:pam-devel, p-cpe:/a:mandriva:linux:pam-doc, cpe:/o:mandrakesoft:mandrake_linux:6.0, cpe:/o:mandrakesoft:mandrake_linux:6.1, cpe:/o:mandrakesoft:mandrake_linux:7.0, cpe:/o:mandrakesoft:mandrake_linux:7.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Patch Publication Date: 2000/08/01

Reference Information

MDKSA: 2000:029