Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RSBAC 安全漏洞
Vulnerability Description
RSBAC是Linux内核的开源访问控制框架。 RSBAC的实现上存在安全漏洞,远程攻击者可能利用此漏洞绕过访问认证。 RSBAC的某些用户管理模块(如rsbac_auth、pam_sbac.so和pam_login)没有正确地使用Linux内核加密API,攻击者可以在登录时不提交口令绕过认证,获得非授权访问。
CVSS Information
N/A
Vulnerability Type
N/A