Tuesday, March 2, 2021

FreeBSD: VID-A8654F1D-770D-11EB-B87A-901B0EF719AB (CVE-2020-25580): FreeBSD -- login.access fails to apply rules

Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From VID-A8654F1D-770D-11EB-B87A-901B0EF719AB: Problem Description: A regression in the login.access(5) rule processor has the effect of causing rules to fail to match even when they should not. This means that rules denying access may be ignored. Impact: The configuration in login.access(5) may not be applied, permitting login access to users even when the system is configured to deny it.
Solution(s)
  • freebsd-upgrade-base-11_4-release-p8
  • freebsd-upgrade-base-12_2-release-p4


  • References
  • CVE-2020-25580




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated