CVE-2016-20014
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-20014
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-20014.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-20014
- Downstream
- Published
- 2022-04-21T04:15:09Z
- Modified
- 2025-10-15T07:59:27.890674Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In pamtacplus.c in pamtacplus before 1.4.1, pamsmacct_mgmt does not zero out the arep data structure.
- References
Affected packages
Git / github.com/kravietz/pam_tacplus
Affected ranges
- Type
- GIT
- Repo
- https://github.com/kravietz/pam_tacplus
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
vanir_signatures
[
{
"source": "https://github.com/kravietz/pam_tacplus/commit/e4c00eba70a0f72c4de77b5f072c69708ec2beab",
"id": "CVE-2016-20014-28a15624",
"digest": {
"function_hash": "258352848962929567760939840113007533346",
"length": 3646.0
},
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "pam_sm_acct_mgmt",
"file": "pam_tacplus.c"
},
"signature_type": "Function"
},
{
"source": "https://github.com/kravietz/pam_tacplus/commit/e4c00eba70a0f72c4de77b5f072c69708ec2beab",
"id": "CVE-2016-20014-c09de379",
"digest": {
"line_hashes": [
"152148694595381616725332901845864734972",
"329346737611140683914305529782259062756",
"144080591874934029285186318424361896193",
"65888792551446632476147423506826739490"
],
"threshold": 0.9
},
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "pam_tacplus.c"
},
"signature_type": "Line"
}
]