The home page of the one time password system (or otpw -- http://www.cl.cam.ac.uk/~mgk25/otpw.html) has info about how OpenSSH doesn't correctly return PAM_CONV_ERR when a user cancels a login (but instead incorrectly calls pam_end() having the side effect that memory is not correctly scrubbed (or who knows what for other PAM modules). This info comes directly from the aforementioned website. This has been reported via the appropriate bugzilla (http://bugzilla.mindrot.org/show_bug.cgi?id=632) but not yet fixed. If there are any hardware security tokens (for example) which might fail to go back to a locked state due to this bug then it might introduce an exploitable vulnerability in that situation. Otherwise, it just fails to provide all the security assurances it should (with respect to scrubbing the ram). If anyone who knows more about pam and OpenSSH has any further analysis to add, it would be much appreciated.
