diff --git a/ChangeLog b/ChangeLog
index ad9bad164..a790a988d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+20061205
+ - (djm) [auth.c] Fix NULL pointer dereference in fakepw(). Crash would
+ occur if the server did not have the privsep user and an invalid user
+ tried to login and both privsep and krb5 auth are disabled; ok dtucker@
+
 20061108
 - (dtucker) OpenBSD CVS Sync
 - markus@cvs.openbsd.org 2006/11/07 13:02:07
@@ -2611,4 +2616,4 @@
 OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@
-$Id: ChangeLog,v 1.4589 2006/11/07 23:01:36 dtucker Exp $
+$Id: ChangeLog,v 1.4590 2006/12/04 22:08:54 djm Exp $
diff --git a/auth.c b/auth.c
index 5d23343b9..505102f8a 100644
--- a/auth.c
+++ b/auth.c
@@ -569,8 +569,8 @@ fakepw(void)
 fake.pw_passwd =
 "$2a$06$r3.juUaHZDlIbQaO2dS9FuYxL1W9M81R1Tc92PoSNmzvpEqLkLGrK";
 fake.pw_gecos = "NOUSER";
- fake.pw_uid = privsep_pw->pw_uid;
- fake.pw_gid = privsep_pw->pw_gid;
+ fake.pw_uid = privsep_pw == NULL ? (uid_t)-1 : privsep_pw->pw_uid;
+ fake.pw_gid = privsep_pw == NULL ? (gid_t)-1 : privsep_pw->pw_gid;
 #ifdef HAVE_PW_CLASS_IN_PASSWD
 fake.pw_class = "";
 #endif
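Review bot: The two new ternaries on `fake.pw_uid` and `fake.pw_gid` in the auth.c hunk introduce `(uid_t)-1` / `(gid_t)-1` as a fallback without saying what the value stands for, and that value is not neutral: `chown()` and `setreuid()`/`setregid()` read -1 as "leave unchanged". Nothing visible in the hunk shows the fake entry reaching such a call, so this is a documentation request rather than a defect. Add a comment above the assignments, for example `/* privsep_pw is NULL when no privsep user exists; -1 is a placeholder id and must never be handed to chown() or set*id() */`. The body of fakepw() begins and ends outside the hunk, so the callers that consume the returned struct should be checked separately.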