Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

1 – 2 of 2 results

CVE-2024-47191

Medium priority
Fixed

pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as root, it mishandles usersfile access, such as by calling fchown in the presence of a symlink.

1 affected packages

oath-toolkit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
oath-toolkit Fixed Fixed Not affected Not affected Not affected
Show less packages

CVE-2013-7322

Medium priority
Ignored

usersfile.c in liboath in OATH Toolkit before 2.4.1 does not properly handle lines containing an invalid one-time-password (OTP) type and a user name in /etc/users.oath, which causes the wrong line to be updated when invalidating...

1 affected packages

oath-toolkit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
oath-toolkit Not affected Not affected
Show less packages