A vulnerability has been reported in Linux-PAM, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to an error within the "_unix_verify_password()" function in modules/pam_unix/support.c when verifying a user's password. This can be exploited to login with any given password if the hash in the passwd file is "!!" or similar.
http://www.linuxlinks.com/portal/news/article.php?story=20070124133041998