Jump to content

Advisories (MDKSA-2006:119 ): ppp


Recommended Posts

Mandriva Advisories MDKSA-2006:119 : ppp


Updated ppp packages fix plugin vulnerability

July 10th, 2006


Marcus Meissner discovered that pppd's winbind plugin did not check for


the result of the setuid() call which could allow an attacker to


exploit this on systems with certain PAM limits enabled to execute the


NTLM authentication helper as root.This could possibly lead to


privilege escalation dependant upon the local winbind configuration.




Updated packages have been patched ot correct this issue.



The released versions of Mandriva GNU/Linux affected are:

  • 2006.0

Full information about this advisory, including the updated packages, is available at:



Other references:



Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.3 2006/07/02 09:40:56 aru Exp $)

Link to comment
Share on other sites


  • Create New...