In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
Weakness
The product writes sensitive information to a log file.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pam_tacplus | Pam_tacplus_project | 1.3.8 (including) | 1.5.1 (including) |
| Libpam-tacplus | Ubuntu | bionic | * |
| Libpam-tacplus | Ubuntu | eoan | * |
| Libpam-tacplus | Ubuntu | esm-apps/bionic | * |
| Libpam-tacplus | Ubuntu | esm-apps/focal | * |
| Libpam-tacplus | Ubuntu | esm-apps/xenial | * |
| Libpam-tacplus | Ubuntu | focal | * |
| Libpam-tacplus | Ubuntu | groovy | * |
| Libpam-tacplus | Ubuntu | hirsute | * |
| Libpam-tacplus | Ubuntu | impish | * |
| Libpam-tacplus | Ubuntu | kinetic | * |
| Libpam-tacplus | Ubuntu | lunar | * |
| Libpam-tacplus | Ubuntu | mantic | * |
| Libpam-tacplus | Ubuntu | trusty | * |
| Libpam-tacplus | Ubuntu | xenial | * |
Potential Mitigations
Related Attack Patterns
References
- http://www.openwall.com/lists/oss-security/2020/06/08/1
- https://github.com/kravietz/pam_tacplus/commit/4a9852c31c2fd0c0e72fbb689a586aabcfb11cb0
- https://github.com/kravietz/pam_tacplus/issues/149
- https://lists.debian.org/debian-lts-announce/2020/06/msg00007.html
- https://lists.debian.org/debian-lts-announce/2021/08/msg00006.html
- https://usn.ubuntu.com/4521-1/
- https://www.arista.com/en/support/advisories-notices/security-advisories/11705-security-advisory-50
- http://www.openwall.com/lists/oss-security/2020/06/08/1
- https://github.com/kravietz/pam_tacplus/commit/4a9852c31c2fd0c0e72fbb689a586aabcfb11cb0
- https://github.com/kravietz/pam_tacplus/issues/149
- https://lists.debian.org/debian-lts-announce/2020/06/msg00007.html
- https://lists.debian.org/debian-lts-announce/2021/08/msg00006.html
- https://usn.ubuntu.com/4521-1/
- https://www.arista.com/en/support/advisories-notices/security-advisories/11705-security-advisory-50