CVE-2016-20014

CVE-2016-20014

EPSS 1.2%

In pam_tacplus.c in pam_tacplus before 1.4.1, pam_sm_acct_mgmt does not zero out the arep data structure.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/kravietz/pam_tacplus/commit/e4c00eba70a0f72c4de77b5f072c69708ec2beab