Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 918562 (CVE-2022-26563)

Summary: <app-admin/monit-5.31.0: PAM authentication allows login for disabled users
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: minor CC: patrick
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bitbucket.org/tildeslash/monit/commits/6ecaab1d375f33165fe98d06d92f36c949c0ea11
Whiteboard: B4 [stable?]
Package list:
Runtime testing required: ---

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-11-25 22:25:35 UTC 
CVE-2022-26563:

An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escilated privlidges due to improper PAM-authorization.

The fix commit doesn't seem to be in any tag?