CVE-2006-7108

CVE-2006-7108 · MEDIUM Severity

AV:L/AC:M/AU:S/C:P/I:P/A:P

login in util-linux-2.12a skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.