pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an "empty selection" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation12 reference(s) from NVD