Critical severity9.8NVD Advisory· Published Oct 26, 2020· Updated Jun 17, 2026
CVE-2020-27743
CVE-2020-27743
Description
libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a non-random/predictable session_id.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- pam_tacplus/libtacdescription
- Range: <=1.5.1
Patches
Vulnerability mechanics
References
2- github.com/kravietz/pam_tacplus/pull/163nvdThird Party Advisory
- tools.ietf.org/html/rfc8907nvdTechnical DescriptionThird Party Advisory
News mentions
0No linked articles in our index yet.