nuvious / pam-duress

A Pluggable Authentication Module (PAM) which allows the establishment of alternate passwords that can be used to perform actions to clear sensitive data, notify IT/Security staff, close off sensitive network connections, etc. if a user is coerced into giving a threat actor a password.
GNU Lesser General Public License v3.0

Patched privilege escalation vulnerability. #19

Closed nuvious closed 3 years ago

nuvious commented 3 years ago

As reported by user wowaname on Hacker News, a privilege escalation vulnerability existed due to the use of sprintf/system in which adding quotes to a filename could allow a user to run arbitrary commands with the root account. This was recorded in issue #16 to include a proof-of-concept privilege escalation that was tested.

A patch was sent via email that was adapted to get rid of the vulnerability. Testing showed the previously viable payload rendered inoperable and both shell and binary files could still be executed per prior established functionality.
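
The class of fix described above, shown as an added example that is not the project's code or the emailed patch: a path pasted into a string for `system()` is parsed by a shell, while a path passed as a single `execv()` argument is only ever a file name. The function names, the command format and the sample file name are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Risky pattern (assumed shape, not the project's code): the path is pasted
 * into a string that system() hands to /bin/sh, so quotes in the file name
 * are parsed as shell syntax instead of staying part of the name. */
int build_shell_cmd(char *out, size_t n, const char *path) {
    return snprintf(out, n, "\"%s\"", path);   /* would go to system(out) */
}

/* Hardened pattern: no shell. The path is one argv element, so every byte,
 * quotes included, is only ever treated as a file name. Returns the child's
 * exit status, 127 if the exec failed, -1 on fork/wait error. */
int run_no_shell(const char *path) {
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *const argv[] = { (char *)path, NULL };
        execv(path, argv);   /* needs a binary or a script with a #! line */
        _exit(127);          /* only reached when execv fails */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    /* Constructed file name with embedded quotes; no such file exists. */
    const char *odd = "/tmp/duress\"; exit 42; \"";
    char cmd[256];
    build_shell_cmd(cmd, sizeof cmd, odd);
    printf("string a shell would parse: %s\n", cmd);
    printf("execv result for the same name: %d\n", run_no_shell(odd));
    printf("execv result for /bin/true: %d\n", run_no_shell("/bin/true"));
    return 0;
}
```

With `execv()` a script must start with a `#!` line, since there is no shell to fall back on when the kernel does not recognise the file format.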