漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the plaintext password of a target account by measuring response-timing differences. The comparison uses strncmp() (or strncasecmp() when PAM_ICASE_ARG is set) preceded by a length-equality check, so the time to reject a candidate depends on the index of the first differing byte and on whether the candidate's length matches the stored password, leaking the password length and individual prefix bytes. The vulnerable path is reached when the administrator configures pam_userdb with crypt=none, with an unrecognized crypt method, or without a crypt= argument, causing the module to store and compare credentials in plaintext.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
通过时间差异性导致的信息暴露
Vulnerability Title
Linux-pam 信息泄露漏洞
Vulnerability Description
Linux-pam是Linux-pam团队开源的一款Linux身份验证系统。 Linux-PAM 1.7.2及之前版本存在信息泄露漏洞,该漏洞源于pam_userdb模块的明文密码比较路径中存在可观测的时间差异(CWE-208),可能导致本地或网络邻近的攻击者通过反复驱动认证请求来测量响应时间差,从而恢复目标账户的明文密码。
CVSS Information
N/A
Vulnerability Type
N/A