| Max CVSS | 4.9 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-3431 | 1.9 |
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an
|
13-02-2023 - 04:24 | 24-01-2011 - 18:00 | |
| CVE-2010-3430 | 4.7 |
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leverag
|
13-02-2023 - 04:24 | 24-01-2011 - 18:00 | |
| CVE-2010-4707 | 4.9 |
The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a
|
03-01-2019 - 15:01 | 24-01-2011 - 19:00 | |
| CVE-2010-4706 | 4.9 |
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by execut
|
03-01-2019 - 15:01 | 24-01-2011 - 19:00 |