Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
openSUSE Tumbleweed 授权问题漏洞
Vulnerability Description
openSUSE Tumbleweed是openSUSE项目的一个开源系统。 openSUSE Tumbleweed 1.5.2-6.1之前版本存在安全漏洞,该漏洞源于如果用户尝试从无法通过 DNS 解析的 IP 地址进行连接,则 pam_access.so 模块不会正确限制登录,攻击者利用该漏洞可以通过SSH 登录绕过身份验证。
CVSS Information
N/A
Vulnerability Type
N/A