Gentoo Security Advisory GLSA 200606-18 (pam_mysql) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200606-18.

Solution

All PAM-MySQL users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=sys-auth/pam_mysql-0.7_rc1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200606-18 http://bugs.gentoo.org/show_bug.cgi?id=120842 http://pam-mysql.sourceforge.net/News/

Insight

Vulnerabilities in PAM-MySQL can lead to a Denial of Service, making it impossible to log into a machine.

Severity

Classification

CVE CVE-2005-4713, CVE-2006-0056

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Gentoo Security Advisory GLSA 200409-11 (star)
Gentoo Security Advisory GLSA 200407-02 (Kernel)
Gentoo Security Advisory GLSA 200407-15 (opera)
Gentoo Security Advisory GLSA 200404-12 (scorched3d)
Gentoo Security Advisory GLSA 200406-02 (tripwire)

Take action and discover your vulnerabilities