CVE-2013-7322

usersfile.c in liboath in OATH Toolkit before 2.4.1 does not properly handle lines containing an invalid one-time-password (OTP) type and a user name in /etc/users.oath, which causes the wrong line to be updated when invalidating an OTP and allows context-dependent attackers to conduct replay attacks, as demonstrated by a commented out line when using libpam-oath.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.9 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
Affected Products (NVD)
VendorProductVersion
nongnuoath_toolkit
𝑥
≤ 2.4.0
nongnuoath_toolkit
1.0.0
nongnuoath_toolkit
1.0.1
nongnuoath_toolkit
1.2.0
nongnuoath_toolkit
1.2.1
nongnuoath_toolkit
1.2.2
nongnuoath_toolkit
1.4.0
nongnuoath_toolkit
1.4.1
nongnuoath_toolkit
1.4.2
nongnuoath_toolkit
1.4.3
nongnuoath_toolkit
1.4.4
nongnuoath_toolkit
1.4.5
nongnuoath_toolkit
1.4.6
nongnuoath_toolkit
1.6.0
nongnuoath_toolkit
1.6.1
nongnuoath_toolkit
1.6.2
nongnuoath_toolkit
1.6.3
nongnuoath_toolkit
1.6.4
nongnuoath_toolkit
1.8.0
nongnuoath_toolkit
1.8.1
nongnuoath_toolkit
1.8.2
nongnuoath_toolkit
1.10.0
nongnuoath_toolkit
1.10.1
nongnuoath_toolkit
1.10.2
nongnuoath_toolkit
1.10.3
nongnuoath_toolkit
1.10.4
nongnuoath_toolkit
1.10.5
nongnuoath_toolkit
1.12.0
nongnuoath_toolkit
1.12.1
nongnuoath_toolkit
1.12.2
nongnuoath_toolkit
1.12.3
nongnuoath_toolkit
1.12.4
nongnuoath_toolkit
1.12.5
nongnuoath_toolkit
1.12.6
nongnuoath_toolkit
2.0.0
nongnuoath_toolkit
2.0.1
nongnuoath_toolkit
2.0.2
nongnuoath_toolkit
2.2.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
oath-toolkit
bookworm
2.6.7-3.1
fixed
bookworm (security)
2.6.7-3.1+deb12u1
fixed
bullseye
2.6.6-3
fixed
sid
2.6.12-1
fixed
trixie
2.6.12-1
fixed
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
oath-toolkit
artful
ignored
bionic
not-affected
cosmic
not-affected
disco
not-affected
lucid
dne
precise
ignored
quantal
ignored
saucy
ignored
trusty
dne
utopic
ignored
vivid
ignored
wily
ignored
xenial
not-affected
yakkety
ignored
zesty
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
liboath-devel
suse enterprise desktop 15 SP1
2.6.2-1.15
fixed
suse enterprise desktop 15 SP2
2.6.2-1.15
fixed
suse enterprise desktop 15 SP3
2.6.2-1.15
fixed
suse enterprise desktop 15 SP4
2.6.2-1.15
fixed
suse enterprise desktop 15 SP5
2.6.2-150000.3.3.1
fixed
suse enterprise desktop 15 SP6
2.6.2-150000.3.5.1
fixed
suse enterprise desktop 15 SP7
2.6.2-150000.3.5.1
fixed
suse enterprise sap 15 SP1
2.6.2-1.15
fixed
suse enterprise sap 15 SP2
2.6.2-1.15
fixed
suse enterprise sap 15 SP3
2.6.2-1.15
fixed
suse enterprise sap 15 SP4
2.6.2-1.15
fixed
suse enterprise sap 15 SP5
2.6.2-150000.3.3.1
fixed
suse enterprise sap 15 SP6
2.6.2-150000.3.5.1
fixed
suse enterprise sap 15 SP7
2.6.2-150000.3.5.1
fixed
suse enterprise server 15 SP1
2.6.2-1.15
fixed
suse enterprise server 15 SP2
2.6.2-1.15
fixed
suse enterprise server 15 SP3
2.6.2-1.15
fixed
suse enterprise server 15 SP4
2.6.2-1.15
fixed
suse enterprise server 15 SP5
2.6.2-150000.3.3.1
fixed
suse enterprise server 15 SP6
2.6.2-150000.3.5.1
fixed
suse enterprise server 15 SP7
2.6.2-150000.3.5.1
fixed
liboath0
suse enterprise desktop 15
2.6.2-1.15
fixed
suse enterprise desktop 15 SP1
2.6.2-1.15
fixed
suse enterprise desktop 15 SP2
2.6.2-1.15
fixed
suse enterprise desktop 15 SP3
2.6.2-1.15
fixed
suse enterprise desktop 15 SP4
2.6.2-1.15
fixed
suse enterprise desktop 15 SP5
2.6.2-150000.3.3.1
fixed
suse enterprise desktop 15 SP6
2.6.2-150000.3.5.1
fixed
suse enterprise desktop 15 SP7
2.6.2-150000.3.5.1
fixed
suse enterprise sap 15
2.6.2-1.15
fixed
suse enterprise sap 15 SP1
2.6.2-1.15
fixed
suse enterprise sap 15 SP2
2.6.2-1.15
fixed
suse enterprise sap 15 SP3
2.6.2-1.15
fixed
suse enterprise sap 15 SP4
2.6.2-1.15
fixed
suse enterprise sap 15 SP5
2.6.2-150000.3.3.1
fixed
suse enterprise sap 15 SP6
2.6.2-150000.3.5.1
fixed
suse enterprise sap 15 SP7
2.6.2-150000.3.5.1
fixed
suse enterprise server 15
2.6.2-1.15
fixed
suse enterprise server 15 SP1
2.6.2-1.15
fixed
suse enterprise server 15 SP2
2.6.2-1.15
fixed
suse enterprise server 15 SP3
2.6.2-1.15
fixed
suse enterprise server 15 SP4
2.6.2-1.15
fixed
suse enterprise server 15 SP5
2.6.2-150000.3.3.1
fixed
suse enterprise server 15 SP6
2.6.2-150000.3.5.1
fixed
suse enterprise server 15 SP7
2.6.2-150000.3.5.1
fixed
libpskc-devel
suse enterprise desktop 15
2.6.2-1.15
fixed
suse enterprise desktop 15 SP1
2.6.2-1.15
fixed
suse enterprise desktop 15 SP2
2.6.2-1.15
fixed
suse enterprise desktop 15 SP3
2.6.2-1.15
fixed
suse enterprise desktop 15 SP4
2.6.2-1.15
fixed
suse enterprise sap 15
2.6.2-1.15
fixed
suse enterprise sap 15 SP1
2.6.2-1.15
fixed
suse enterprise sap 15 SP2
2.6.2-1.15
fixed
suse enterprise sap 15 SP3
2.6.2-1.15
fixed
suse enterprise sap 15 SP4
2.6.2-1.15
fixed
suse enterprise server 15
2.6.2-1.15
fixed
suse enterprise server 15 SP1
2.6.2-1.15
fixed
suse enterprise server 15 SP2
2.6.2-1.15
fixed
suse enterprise server 15 SP3
2.6.2-1.15
fixed
suse enterprise server 15 SP4
2.6.2-1.15
fixed
suse enterprise workstation 15
2.6.2-1.15
fixed
suse enterprise workstation 15 SP1
2.6.2-1.15
fixed
suse enterprise workstation 15 SP2
2.6.2-1.15
fixed
suse enterprise workstation 15 SP3
2.6.2-1.15
fixed
suse enterprise workstation 15 SP4
2.6.2-1.15
fixed
libpskc0
suse enterprise desktop 15
2.6.2-1.15
fixed
suse enterprise desktop 15 SP1
2.6.2-1.15
fixed
suse enterprise desktop 15 SP2
2.6.2-1.15
fixed
suse enterprise desktop 15 SP3
2.6.2-1.15
fixed
suse enterprise desktop 15 SP4
2.6.2-1.15
fixed
suse enterprise sap 15
2.6.2-1.15
fixed
suse enterprise sap 15 SP1
2.6.2-1.15
fixed
suse enterprise sap 15 SP2
2.6.2-1.15
fixed
suse enterprise sap 15 SP3
2.6.2-1.15
fixed
suse enterprise sap 15 SP4
2.6.2-1.15
fixed
suse enterprise server 15
2.6.2-1.15
fixed
suse enterprise server 15 SP1
2.6.2-1.15
fixed
suse enterprise server 15 SP2
2.6.2-1.15
fixed
suse enterprise server 15 SP3
2.6.2-1.15
fixed
suse enterprise server 15 SP4
2.6.2-1.15
fixed
suse enterprise workstation 15
2.6.2-1.15
fixed
suse enterprise workstation 15 SP1
2.6.2-1.15
fixed
suse enterprise workstation 15 SP2
2.6.2-1.15
fixed
suse enterprise workstation 15 SP3
2.6.2-1.15
fixed
suse enterprise workstation 15 SP4
2.6.2-1.15
fixed
oath-toolkit-xml
suse enterprise desktop 15
2.6.2-1.15
fixed
suse enterprise desktop 15 SP1
2.6.2-1.15
fixed
suse enterprise desktop 15 SP2
2.6.2-1.15
fixed
suse enterprise desktop 15 SP3
2.6.2-1.15
fixed
suse enterprise desktop 15 SP4
2.6.2-1.15
fixed
suse enterprise desktop 15 SP5
2.6.2-150000.3.3.1
fixed
suse enterprise desktop 15 SP6
2.6.2-150000.3.5.1
fixed
suse enterprise desktop 15 SP7
2.6.2-150000.3.5.1
fixed
suse enterprise sap 15
2.6.2-1.15
fixed
suse enterprise sap 15 SP1
2.6.2-1.15
fixed
suse enterprise sap 15 SP2
2.6.2-1.15
fixed
suse enterprise sap 15 SP3
2.6.2-1.15
fixed
suse enterprise sap 15 SP4
2.6.2-1.15
fixed
suse enterprise sap 15 SP5
2.6.2-150000.3.3.1
fixed
suse enterprise sap 15 SP6
2.6.2-150000.3.5.1
fixed
suse enterprise sap 15 SP7
2.6.2-150000.3.5.1
fixed
suse enterprise server 15
2.6.2-1.15
fixed
suse enterprise server 15 SP1
2.6.2-1.15
fixed
suse enterprise server 15 SP2
2.6.2-1.15
fixed
suse enterprise server 15 SP3
2.6.2-1.15
fixed
suse enterprise server 15 SP4
2.6.2-1.15
fixed
suse enterprise server 15 SP5
2.6.2-150000.3.3.1
fixed
suse enterprise server 15 SP6
2.6.2-150000.3.5.1
fixed
suse enterprise server 15 SP7
2.6.2-150000.3.5.1
fixed
Common Weakness Enumeration
References
http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00000.html
http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00002.html
http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00003.html
http://seclists.org/oss-sec/2014/q1/296
http://www.nongnu.org/oath-toolkit/NEWS.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/91316
http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00000.html
http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00002.html
http://lists.nongnu.org/archive/html/oath-toolkit-help/2013-12/msg00003.html
http://seclists.org/oss-sec/2014/q1/296
http://www.nongnu.org/oath-toolkit/NEWS.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/91316