Fluid Attacks Database

Description

Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	libpam-radius-auth	>=0 <1.3.16-1.1	1.3.16-1.1
debian 12	libpam-radius-auth	>=0 <1.3.16-1.1	1.3.16-1.1
debian 13	libpam-radius-auth	>=0 <1.3.16-1.1	1.3.16-1.1
debian 11	libpam-radius-auth	>=0 <1.3.16-1.1	1.3.16-1.1

Aliases

1. CVE-2004-13402. NVD-2004-13403. OSV-DEBIAN-2004-13404. OSV-2004-13405. SECURITY-TRACKER-CVE-2004-1340

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.