Likewise Security Advisory – A logic flaw has been found in the pam_lsass library from Likewise Open that, when run under the context of a root service (e.g. sshd, gdm, etc.), will allow any user to logon as a lsassd local-provider account (e.g. MACHINEAdministrator) if the account’s password is marked as expired.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/92183/LWSA-2010-011.txt
Source: https://packetstormsecurity.com/files/92183/Likewise-Open-Logic-Flaw.html