Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include directive refers to a policy that does not exist, which causes the loaded policy chain to no be discarded and allows context-dependent attackers to bypass authentication via a login (1) without a password or (2) with an incorrect password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenPAM 授权问题漏洞
Vulnerability Description
OpenPAM是一个用于FreeBSD(类Unix操作系统)中的PAM架构的实现,它允许使用可加载的模块实现管理员所定义的用户认证和会话管理。 OpenPAM Nummularia 9.2至10.0版本中存在安全漏洞,该漏洞源于程序没有正确处理所报告的错误。攻击者可利用该漏洞无需密码或正确的密码绕过身份验证。
CVSS Information
N/A
Vulnerability Type
N/A