The contents of /etc/pam.d/* are immaterial, here; we know that it's the unix_chkpwd process that's segfaulting, which means pam_unix must be involved. And I have seen bugs more recently whereby pam_unix will fail open if unix_chkpwd crashes unexpectedly; but the only case where I've /seen/ unix_chkpwd crash unexpectedly has been with a bug that post-dates the version in hardy.
So what would really help here is a backtrace of unix_chkpwd's crash.
The contents of /etc/pam.d/* are immaterial, here; we know that it's the unix_chkpwd process that's segfaulting, which means pam_unix must be involved. And I have seen bugs more recently whereby pam_unix will fail open if unix_chkpwd crashes unexpectedly; but the only case where I've /seen/ unix_chkpwd crash unexpectedly has been with a bug that post-dates the version in hardy.
So what would really help here is a backtrace of unix_chkpwd's crash.