search for: savochkin

...perations in other cases. This bu also can be used in attempts to break system security because one of affected program (passwd) is root-setuid. Patch was posted in redhat-announce list and can be obtained from ftp://shade.msu.ru/pub/linux/libs/cracklib25_small.bugfix.patch Andrey V. Savochkin

...orming random accesses). The quick fix of the problem is disable ''fascist'' mode of pam_unix_passwd module in pam.conf. The patch below should be by applied to cracklib then cracklib should be rebuild, reinstalled and then pam_unix_passwd should be rebuilded. Andrey V. Savochkin diff -r -u cracklib25_small.orig/cracklib/fascist.c cracklib25_small/cracklib/fascist.c --- cracklib25_small.orig/cracklib/fascist.c Mon Jan 27 12:21:13 1997 +++ cracklib25_small/cracklib/fascist.c Mon Jan 27 12:24:28 1997 @@ -223,39 +223,17 @@ wc = 0; ptr = gbuffer; - while (*ptr) +...

...to know whether it is possible to incorporate our changes in OpenSSH code trunk. PNIAM home page is at http://www.msu.ru/pniam.html OpenSSH port is at http://libraftp.narod.ru/pniam.html Alexey Galatenko <agalat at castle.nmd.msu.ru> Maxim Shesterikov <shesmax at ru.hilti.com> Andrey Savochkin <saw at saw.sw.com.sg>

Hi, I have discovered a bug in the rhost module of Linux-PAM-0.57. This bug leads to a vulnerability in the remote login authentication, with the effect that ordinary user accounts may not be password protected. There is only one case when the bug causes a vulnerability: The problem case is when the user''s .rhost file has the name of a machine with *more than one IP address* as the