
security flaw in pam_cas.c #4

Open
pathennessy opened this issue Nov 1, 2016 · 0 comments

Comments

@pathennessy

The ret variable is not reset to 0 after loading the config file on line 69 in pam_cas.c. Since that variable is in a non-zero state, if the password doesn't match any of the other if cases below, it will allow anyone to log in with any password. Serious security flaw here. Adding "ret = 0" after line 73 fixes this issue.
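The stale-`ret` pattern the report describes, side by side with the one-line reset it proposes, as an added illustration in C that is not pam_cas.c's own code: `load_config`, the config path and the hard-coded user/password pairs are assumptions made for the example.

```c
#include <string.h>

/* Constructed stand-in for loading the module's config file. Like many
 * parsing helpers it returns a non-zero status on success, and that is
 * the value that leaks into the authentication result below. */
static int load_config(const char *path) {
    (void)path;          /* example only: no file is actually read */
    return 1;            /* pretend one config entry was parsed */
}

static int credentials_match(const char *user, const char *password) {
    /* constructed sample credentials, not real accounts */
    if (strcmp(user, "alice") == 0 && strcmp(password, "correct-horse") == 0)
        return 1;
    if (strcmp(user, "bob") == 0 && strcmp(password, "battery-staple") == 0)
        return 1;
    return 0;
}

/* Vulnerable shape: ret still holds load_config's non-zero status. When
 * no branch matches, that stale value is returned and read as success. */
int authenticate_vulnerable(const char *user, const char *password) {
    int ret;
    ret = load_config("/etc/pam_cas.conf");   /* assumed path */
    if (credentials_match(user, password))
        ret = 1;
    return ret;                               /* non-zero == authenticated */
}

/* Fixed shape: a failed config load fails closed, and ret is reset to 0
 * right after the load, so only an explicit match yields success. */
int authenticate_fixed(const char *user, const char *password) {
    int ret;
    ret = load_config("/etc/pam_cas.conf");   /* assumed path */
    if (ret <= 0)
        return 0;                             /* cannot verify: deny */
    ret = 0;                                  /* the reset from the report */
    if (credentials_match(user, password))
        ret = 1;
    return ret;
}
```

The first function returns 1 for a wrong password because nothing ever cleared the status from the config load; the second returns 0 for the same input.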

cluck pushed a commit to cluck/pam_cas-reloaded that referenced this issue Mar 9, 2017
When username+password authentication is disabled, the module fails to reject invalid tickets, allowing anyone to log in with trivially crafted tickets.

Reported by Pat Hennessy on GitHub (pathennessy)

Fixes atiti#4