pam_google_authenticator.c in the PAM module in Google Authenticator prior to 1.0 requires user-readable permissions for the secret file, which allows local users to bypass intended access restrictions and discover a shared secret via standard filesystem operations, a different vulnerability than CVE-2013-0258.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google authenticator 0.87 |
||
google authenticator 0.86 |
||
google authenticator |