This issue involves passing an alternative PAM authentication service with a command that is sent to LocalClient, enabling the attacker to bypass the configured authentication service.
Created salt tracking bugs for this issue:
Affects: fedora-all [bug 1320867]
Affects: epel-6 [bug 1320868]
Affects: epel-7 [bug 1320869]