OpenSSH unexpected PAM authentication exploit v1.7

Vulnerability exploited: CAN-2003-0786 - BID-8677

Category: Exploits/Remote

This module exploits an error in the PAM authentication code present in certain portable versions of OpenSSH and installs a level0 agent on the target host. Vulnerable servers allow valid users to log in with invalid passwords.

Supported Systems:
    RedHat Linux 8 (i386)
    RedHat Linux 9 (i386)

Requirements:
    The sshd version has to be OpenSSH-3.7p1 or OpenSSH-3.7.1p1
    SSH protocol version 1 has to be supported (it is supported by default)
    PAM support has to be built in (the "--with-pam" option to the configure script; it is not built in by default)
    PAM support has to be enabled ("UsePAM yes" in sshd_config; it is enabled by default in OpenSSH-3.7p1 and OpenSSH-3.7.1p1 if PAM support is built in)
    PrivilegeSeparation has to be disabled ("UsePrivilegeSeparation no" in sshd_config; it is enabled by default, but it is recommended to disable it if PAM support is enabled)
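
A defender-side check for the conditions listed above, as an added example that is not part of the original page or of the product: it takes an SSH version banner and the text of sshd_config and reports which of the listed conditions hold on a host. The function names, the sample config and the `pam_built_in` argument (build options cannot be read from sshd_config, so the caller supplies them) are assumptions.

```python
import re

AFFECTED = {"3.7p1", "3.7.1p1"}  # sshd versions named on this page
# Defaults as this page states them (protocol 1 on, UsePAM on, privsep on).
DEFAULTS = {"protocol": "2,1", "usepam": "yes", "useprivilegeseparation": "yes"}

# Constructed sample config, not taken from a real host.
SAMPLE_CONFIG = """\
Port 22
Protocol 2,1
UsePAM yes
UsePrivilegeSeparation no
UsePrivilegeSeparation yes   # ignored: sshd keeps the first value it reads
"""

def effective_settings(config_text):
    """Resolve the three keywords: case-insensitive, first occurrence wins."""
    settings, found = dict(DEFAULTS), set()
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        if key in DEFAULTS and key not in found and len(parts) == 2:
            settings[key] = parts[1].strip().lower()
            found.add(key)
    return settings

def audit(banner, config_text, pam_built_in):
    """Report which of the page's listed preconditions hold for one host."""
    m = re.search(r"OpenSSH[_-](\d[\w.]*)", banner)
    s = effective_settings(config_text)
    checks = {
        "affected_version": bool(m) and m.group(1) in AFFECTED,
        "protocol_1_enabled": "1" in re.split(r"\s*,\s*", s["protocol"]),
        "pam_built_in": bool(pam_built_in),
        "usepam_yes": s["usepam"] == "yes",
        "privsep_disabled": s["useprivilegeseparation"] == "no",
    }
    checks["all_preconditions_met"] = all(checks.values())
    return checks

if __name__ == "__main__":
    for name, ok in audit("SSH-1.99-OpenSSH_3.7.1p1", SAMPLE_CONFIG, True).items():
        print(f"{name}: {ok}")
```

A host where `all_preconditions_met` is true matches every condition in the list; changing any one of them (sshd version, protocol 1, UsePAM, privilege separation) takes it out of the listed set.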


This module is included in the latest version of CORE IMPACT, the first automated comprehensive penetration testing product for accurately identifying information security risks.