Severity: Unknown
Affected Package: libutil
Summary: libutil login.conf handling allows bypass of CPU resource restrictions
A vulnerability in libutil allowed some services such as OpenSSH to bypass CPU resource restrictions in 0.3 through the use of a custom login.conf. The issue was fixed on the same day, present in kern.osreldate 3015 or later. No corresponding FreeBSD Security Advisory or CVE could be confidently identified; this appears to be a MidnightBSD-specific fix.
No specific recommendations provided.
Aliases:
Published: September 02, 2010
Last Modified: September 02, 2010