FWIW: A co-worker just forwarded information on to me that a "non-default" configuration such as oh.... PAM is exploitable by being able to login as any user with no password. It affects the portable tree versions 3.7p1 and 3.7.1p1.
Has anybody seen exploit code on this one? > > Check out the webpage : ....-P2 :( > Another bug :(( > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
