In support.c in pam_tacplus 1.3.8 up to and including 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pam tacplus project pam tacplus |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 20.04 |
||
arista cloudvision portal |