From owner-doc-jp-work@jp.FreeBSD.org Wed Mar 13 13:07:51 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g2D47p214009;
	Wed, 13 Mar 2002 13:07:51 +0900 (JST)
	(envelope-from owner-doc-jp-work@jp.FreeBSD.org)
Received: from TYO202.gate.nec.co.jp (TYO202.gate.nec.co.jp [210.143.35.52])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g2D47dc13998;
	Wed, 13 Mar 2002 13:07:40 +0900 (JST)
	(envelope-from y-koga@jp.FreeBSD.org)
Received: from mailgate4.nec.co.jp ([10.7.69.195])
	by TYO202.gate.nec.co.jp (8.11.6/3.7W01080315) with ESMTP id g2D47RQ09116;
	Wed, 13 Mar 2002 13:07:30 +0900 (JST)
Received: from mailsv.nec.co.jp (mailgate51.nec.co.jp [10.7.69.190]) by mailgate4.nec.co.jp (8.11.6/3.7W-MAILGATE-NEC) with ESMTP
	id g2D47QY03612; Wed, 13 Mar 2002 13:07:26 +0900 (JST)
Received: from necspl.do.mms.mt.nec.co.jp (necspl.do.mms.mt.nec.co.jp [10.16.5.21]) by mailsv.nec.co.jp (8.11.6/3.7W-MAILSV-NEC) with ESMTP
	id g2D46e810132; Wed, 13 Mar 2002 13:07:24 +0900 (JST)
Received: from localhost (localhost [127.0.0.1])
	by  necspl.do.mms.mt.nec.co.jp (8.12.2/8.12.2) with ESMTP id g2D46eQB043379;
	Wed, 13 Mar 2002 13:06:40 +0900 (JST)
Date: Wed, 13 Mar 2002 13:06:40 +0900 (JST)
Message-Id: <20020313.130640.41645849.y-koga@jp.FreeBSD.org>
To: doc-jp-work@jp.FreeBSD.org
From: Koga Youichirou <y-koga@jp.FreeBSD.org>
In-Reply-To: <20020313.003451.41654937.hrs@eos.ocn.ne.jp>
References: <200203121427.g2CERps64246@freefall.freebsd.org>
	<20020313.003451.41654937.hrs@eos.ocn.ne.jp>
X-Mailer: Mew version 3.0.54 on Emacs 21.1 / Mule 5.0 (SAKAKI)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Reply-To: doc-jp-work@jp.FreeBSD.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+020312
X-Sequence: doc-jp-work 304
Subject: [doc-jp-work 304] Re: ANNOUNCE: FreeBSD Ports Security
 Advisory FreeBSD-SA-02:14.pam-pgsql
Errors-To: owner-doc-jp-work@jp.FreeBSD.org
Sender: owner-doc-jp-work@jp.FreeBSD.org
X-Originator: y-koga@jp.FreeBSD.org

Hiroki Sato <hrs@eos.ocn.ne.jp>:
>  02:14 $B$G$9!#(B

$B%Q%A%Q%A%Q%A!y(B

> =============================================================================
> FreeBSD-SA-02:14                                            Security Advisory
>                                                                 FreeBSD, Inc.
> 
> $B%H%T%C%/(B:	pam-pgsql $B$N(B port $B$K$*$1$kG'>Z$N5!G=ITA4(B
> 		(pam-pgsql port authentication bypass)

$B5!G=ITA4$O7y$@$J$!!#(B
$B!V!A$K$*$$$FG'>Z$r%P%$%Q%9$5$l$F$7$^$&LdBj!W(B
$B$/$i$$Jd$C$F$*$/$H$$$$$N$G$O$J$$$G$7$g$&$+(B?

> III. $B1F6AHO0O(B - Impact
> 
> Since common PAM applications include
> login(1) and sshd(8), both local and remote attacks are possible.
> $BNI$/;H$o$l$F$$$k(B
> PAM $BBP1~%"%W%j%1!<%7%g%s$K$O(B login(1) $B$*$h$S(B sshd(8) $B$,(B
> $B4^$^$l$F$$$k$?$a!"%m!<%+%k$H%j%b!<%H$NN>J}$+$i$N967b$,2DG=$G$9!#(B

$BNI$/"*$h$/(B
# $B!VD+F|?7J9$NMQ8l$N<j0z!W(B($B5W$7?6$j(B :)
----
$B$3$,$h$&$$$A$m$&(B
