| Max CVSS | 7.2 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-3238 | 5.8 |
The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
|
12-02-2023 - 23:15 | 24-08-2015 - 14:59 | |
| CVE-2010-4708 | 7.2 |
The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env PAM
|
03-01-2019 - 15:01 | 24-01-2011 - 19:00 | |
| CVE-2011-3149 | 2.1 |
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consu
|
03-01-2019 - 15:01 | 22-07-2012 - 17:55 |