Vulnerabilites related to linux-pam - linux-pam
cve-2010-4707
Vulnerability from cvelistv5
Published
2011-01-24 18:00
Modified
2024-08-07 03:55
Severity ?
EPSS score ?
Summary
The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65036 | vdb-entry, x_refsource_XF | |
| http://security.gentoo.org/glsa/glsa-201206-31.xml | vendor-advisory, x_refsource_GENTOO | |
| http://openwall.com/lists/oss-security/2010/10/03/1 | mailing-list, x_refsource_MLIST | |
| http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/46045 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/49711 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:55:34.485Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "linuxpam-checkacl-dos(65036)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65036", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[oss-security] 20101004 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9", }, { name: "46045", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/46045", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49711", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-09-28T00:00:00", descriptions: [ { lang: "en", value: "The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "linuxpam-checkacl-dos(65036)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65036", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[oss-security] 20101004 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9", }, { name: "46045", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/46045", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49711", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-4707", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "linuxpam-checkacl-dos(65036)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65036", }, { name: "GLSA-201206-31", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[oss-security] 20101004 Re: Minor security flaw with pam_xauth", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { name: "http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commit;h=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9", refsource: "CONFIRM", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commit;h=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9", }, { name: "46045", refsource: "BID", url: "http://www.securityfocus.com/bid/46045", }, { name: "49711", refsource: "SECUNIA", url: "http://secunia.com/advisories/49711", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-4707", datePublished: "2011-01-24T18:00:00", dateReserved: "2011-01-24T00:00:00", dateUpdated: "2024-08-07T03:55:34.485Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2011-3148
Vulnerability from cvelistv5
Published
2012-07-22 17:00
Modified
2024-08-06 23:22
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469 | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-201206-31.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.ubuntu.com/usn/USN-1237-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://secunia.com/advisories/46583 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/49711 | third-party-advisory, x_refsource_SECUNIA | |
| http://git.fedorahosted.org/git/?p=linux-pam.git%3Ba=commitdiff%3Bh=caf5e7f61c8d9288daa49b4f61962e6b1239121d | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T23:22:27.612Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "USN-1237-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1237-1", }, { name: "46583", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/46583", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/git/?p=linux-pam.git%3Ba=commitdiff%3Bh=caf5e7f61c8d9288daa49b4f61962e6b1239121d", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2011-10-24T00:00:00", descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-02-26T14:57:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "USN-1237-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1237-1", }, { name: "46583", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/46583", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/git/?p=linux-pam.git%3Ba=commitdiff%3Bh=caf5e7f61c8d9288daa49b4f61962e6b1239121d", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2011-3148", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469", refsource: "CONFIRM", url: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469", }, { name: "GLSA-201206-31", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "USN-1237-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-1237-1", }, { name: "46583", refsource: "SECUNIA", url: "http://secunia.com/advisories/46583", }, { name: "49711", refsource: "SECUNIA", url: "http://secunia.com/advisories/49711", }, { name: "http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=caf5e7f61c8d9288daa49b4f61962e6b1239121d", refsource: "CONFIRM", url: "http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=caf5e7f61c8d9288daa49b4f61962e6b1239121d", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2011-3148", datePublished: "2012-07-22T17:00:00", dateReserved: "2011-08-16T00:00:00", dateUpdated: "2024-08-06T23:22:27.612Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-3853
Vulnerability from cvelistv5
Published
2011-01-24 17:00
Modified
2024-08-07 03:26
Severity ?
EPSS score ?
Summary
pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:26:12.299Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { name: "ADV-2011-0606", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0606", }, { name: "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { name: "MDVSA-2010:220", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49711", }, { name: "RHSA-2010:0891", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=643043", }, { name: "RHSA-2010:0819", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_namespace/pam_namespace.c?view=log#rev1.13", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-10-25T00:00:00", descriptions: [ { lang: "en", value: "pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { name: "ADV-2011-0606", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0606", }, { name: "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { name: "MDVSA-2010:220", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49711", }, { name: "RHSA-2010:0891", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=643043", }, { name: "RHSA-2010:0819", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_namespace/pam_namespace.c?view=log#rev1.13", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-3853", datePublished: "2011-01-24T17:00:00", dateReserved: "2010-10-08T00:00:00", dateUpdated: "2024-08-07T03:26:12.299Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-3435
Vulnerability from cvelistv5
Published
2011-01-24 17:00
Modified
2024-08-07 03:11
Severity ?
EPSS score ?
Summary
The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:11:44.348Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { name: "ADV-2011-0606", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0606", }, { name: "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { name: "[oss-security] 20100924 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { name: "MDVSA-2010:220", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { name: "RHSA-2010:0891", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641335", }, { name: "[oss-security] 20101025 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { name: "RHSA-2010:0819", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/8", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-09-21T00:00:00", descriptions: [ { lang: "en", value: "The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { name: "ADV-2011-0606", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0606", }, { name: "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { name: "[oss-security] 20100924 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { name: "MDVSA-2010:220", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { name: "RHSA-2010:0891", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641335", }, { name: "[oss-security] 20101025 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { name: "RHSA-2010:0819", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/8", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-3435", datePublished: "2011-01-24T17:00:00", dateReserved: "2010-09-17T00:00:00", dateUpdated: "2024-08-07T03:11:44.348Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2011-3149
Vulnerability from cvelistv5
Published
2012-07-22 17:00
Modified
2024-08-06 23:22
Severity ?
EPSS score ?
Summary
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
References
| ▼ | URL | Tags |
|---|---|---|
| http://security.gentoo.org/glsa/glsa-201206-31.xml | vendor-advisory, x_refsource_GENTOO | |
| http://www.ubuntu.com/usn/USN-1237-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://secunia.com/advisories/46583 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/49711 | third-party-advisory, x_refsource_SECUNIA | |
| https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565 | x_refsource_CONFIRM | |
| http://git.fedorahosted.org/git/?p=linux-pam.git%3Ba=commitdiff%3Bh=109823cb621c900c07c4b6cdc99070d354d19444 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T23:22:27.630Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "USN-1237-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-1237-1", }, { name: "46583", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/46583", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.fedorahosted.org/git/?p=linux-pam.git%3Ba=commitdiff%3Bh=109823cb621c900c07c4b6cdc99070d354d19444", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2011-10-24T00:00:00", descriptions: [ { lang: "en", value: "The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-02-26T14:57:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "USN-1237-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-1237-1", }, { name: "46583", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/46583", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.fedorahosted.org/git/?p=linux-pam.git%3Ba=commitdiff%3Bh=109823cb621c900c07c4b6cdc99070d354d19444", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2011-3149", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "GLSA-201206-31", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "USN-1237-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-1237-1", }, { name: "46583", refsource: "SECUNIA", url: "http://secunia.com/advisories/46583", }, { name: "49711", refsource: "SECUNIA", url: "http://secunia.com/advisories/49711", }, { name: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565", refsource: "CONFIRM", url: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565", }, { name: "http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=109823cb621c900c07c4b6cdc99070d354d19444", refsource: "CONFIRM", url: "http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=109823cb621c900c07c4b6cdc99070d354d19444", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2011-3149", datePublished: "2012-07-22T17:00:00", dateReserved: "2011-08-16T00:00:00", dateUpdated: "2024-08-06T23:22:27.630Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-0579
Vulnerability from cvelistv5
Published
2009-04-16 15:00
Modified
2024-08-07 04:40
Severity ?
EPSS score ?
Summary
Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/34728 | third-party-advisory, x_refsource_SECUNIA | |
| https://bugzilla.redhat.com/show_bug.cgi?id=487216 | x_refsource_CONFIRM | |
| https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html | vendor-advisory, x_refsource_FEDORA | |
| https://www.redhat.com/archives/pam-list/2009-March/msg00006.html | mailing-list, x_refsource_MLIST | |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514437 | x_refsource_CONFIRM | |
| https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html | vendor-advisory, x_refsource_FEDORA | |
| http://secunia.com/advisories/34733 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:40:04.090Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "34728", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34728", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=487216", }, { name: "FEDORA-2009-3204", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html", }, { name: "[pam-list] 20090309 Linux-PAM 1.0.4 released", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.redhat.com/archives/pam-list/2009-March/msg00006.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514437", }, { name: "FEDORA-2009-3231", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html", }, { name: "34733", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34733", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2009-04-16T15:00:00Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "34728", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34728", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=487216", }, { name: "FEDORA-2009-3204", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html", }, { name: "[pam-list] 20090309 Linux-PAM 1.0.4 released", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.redhat.com/archives/pam-list/2009-March/msg00006.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514437", }, { name: "FEDORA-2009-3231", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html", }, { name: "34733", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34733", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2009-0579", datePublished: "2009-04-16T15:00:00Z", dateReserved: "2009-02-13T00:00:00Z", dateUpdated: "2024-08-07T04:40:04.090Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-10041
Vulnerability from cvelistv5
Published
2024-10-23 13:46
Modified
2025-01-02 14:21
Severity ?
EPSS score ?
Summary
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.
References
| ▼ | URL | Tags |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:10379 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:11250 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/errata/RHSA-2024:9941 | vendor-advisory, x_refsource_REDHAT | |
| https://access.redhat.com/security/cve/CVE-2024-10041 | vdb-entry, x_refsource_REDHAT | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2319212 | issue-tracking, x_refsource_REDHAT |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ |
Version: 1.6.0 ≤ |
||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-10041", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-23T14:35:15.520510Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-922", description: "CWE-922 Insecure Storage of Sensitive Information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-04T17:03:47.703Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://github.com/linux-pam/linux-pam", defaultStatus: "unaffected", packageName: "pam", versions: [ { lessThan: "1.6.0", status: "affected", version: "1.6.0", versionType: "semver", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:8::baseos", ], defaultStatus: "affected", packageName: "pam", product: "Red Hat Enterprise Linux 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.3.1-36.el8_10", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", ], defaultStatus: "affected", packageName: "pam", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.5.1-21.el9_5", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", ], defaultStatus: "affected", packageName: "pam", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.5.1-21.el9_5", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_eus:9.4::appstream", "cpe:/o:redhat:rhel_eus:9.4::baseos", ], defaultStatus: "affected", packageName: "pam", product: "Red Hat Enterprise Linux 9.4 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:1.5.1-21.el9_4", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:7", ], defaultStatus: "unknown", packageName: "pam", product: "Red Hat Enterprise Linux 7", vendor: "Red Hat", }, ], datePublic: "2024-10-18T00:00:00+00:00", descriptions: [ { lang: "en", value: "A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Moderate", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-922", description: "Insecure Storage of Sensitive Information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T14:21:38.425Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:10379", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:10379", }, { name: "RHSA-2024:11250", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:11250", }, { name: "RHSA-2024:9941", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:9941", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2024-10041", }, { name: "RHBZ#2319212", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319212", }, ], timeline: [ { lang: "en", time: "2024-10-16T15:08:30.331000+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2024-10-18T00:00:00+00:00", value: "Made public.", }, ], title: "Pam: libpam: libpam vulnerable to read hashed password", workarounds: [ { lang: "en", value: "This vulnerability is mitigated if SELinux is in Enforcing mode.\n\nTo verify if SELinux is in Enforcing mode, the output of the `getenforce` command will return `Enforcing', see the example below:\n\n~~~\n$ getenforce\nEnforcing\n~~~\n\nTo more information about SELinux, specifically how to set it to Enforcing mode, see the links below.\n\nhttps://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html-single/using_selinux/index#changing-to-enforcing-mode_changing-selinux-states-and-modes\nhttps://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html-single/using_selinux/index#changing-to-enforcing-mode_changing-selinux-states-and-modes", }, ], x_redhatCweChain: "CWE-922: Insecure Storage of Sensitive Information", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2024-10041", datePublished: "2024-10-23T13:46:27.963Z", dateReserved: "2024-10-16T16:13:54.632Z", dateUpdated: "2025-01-02T14:21:38.425Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-2583
Vulnerability from cvelistv5
Published
2014-04-10 14:00
Modified
2024-08-06 10:21
Severity ?
EPSS score ?
Summary
Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty function, which is used by the format_timestamp_name function.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2014/03/24/5 | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/66493 | vdb-entry, x_refsource_BID | |
| https://security.gentoo.org/glsa/201605-05 | vendor-advisory, x_refsource_GENTOO | |
| http://secunia.com/advisories/57317 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ubuntu.com/usn/USN-2935-2 | vendor-advisory, x_refsource_UBUNTU | |
| http://www.openwall.com/lists/oss-security/2014/03/31/6 | mailing-list, x_refsource_MLIST | |
| http://www.ubuntu.com/usn/USN-2935-3 | vendor-advisory, x_refsource_UBUNTU | |
| http://www.ubuntu.com/usn/USN-2935-1 | vendor-advisory, x_refsource_UBUNTU | |
| https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2014/03/26/10 | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:21:35.162Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20140324 pam_timestamp internals", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/03/24/5", }, { name: "66493", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66493", }, { name: "GLSA-201605-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201605-05", }, { name: "57317", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/57317", }, { name: "USN-2935-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2935-2", }, { name: "[oss-security] 20140331 Re: pam_timestamp internals", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/03/31/6", }, { name: "USN-2935-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2935-3", }, { name: "USN-2935-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2935-1", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8", }, { name: "[oss-security] 20140326 Re: pam_timestamp internals", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2014/03/26/10", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-24T00:00:00", descriptions: [ { lang: "en", value: "Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty function, which is used by the format_timestamp_name function.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-01T15:57:02", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20140324 pam_timestamp internals", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/03/24/5", }, { name: "66493", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66493", }, { name: "GLSA-201605-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201605-05", }, { name: "57317", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/57317", }, { name: "USN-2935-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2935-2", }, { name: "[oss-security] 20140331 Re: pam_timestamp internals", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/03/31/6", }, { name: "USN-2935-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2935-3", }, { name: "USN-2935-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2935-1", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8", }, { name: "[oss-security] 20140326 Re: pam_timestamp internals", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2014/03/26/10", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-2583", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty function, which is used by the format_timestamp_name function.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20140324 pam_timestamp internals", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/03/24/5", }, { name: "66493", refsource: "BID", url: "http://www.securityfocus.com/bid/66493", }, { name: "GLSA-201605-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201605-05", }, { name: "57317", refsource: "SECUNIA", url: "http://secunia.com/advisories/57317", }, { name: "USN-2935-2", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2935-2", }, { name: "[oss-security] 20140331 Re: pam_timestamp internals", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/03/31/6", }, { name: "USN-2935-3", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2935-3", }, { name: "USN-2935-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-2935-1", }, { name: "https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8", refsource: "CONFIRM", url: "https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8", }, { name: "[oss-security] 20140326 Re: pam_timestamp internals", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2014/03/26/10", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-2583", datePublished: "2014-04-10T14:00:00", dateReserved: "2014-03-21T00:00:00", dateUpdated: "2024-08-06T10:21:35.162Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-27780
Vulnerability from cvelistv5
Published
2020-12-17 23:55
Modified
2024-08-04 16:25
Severity ?
EPSS score ?
Summary
A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1901094 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T16:25:42.438Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1901094", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "pam", vendor: "n/a", versions: [ { status: "affected", version: "pam 1.5.1", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-287", description: "CWE-287", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-12-17T23:55:45", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1901094", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2020-27780", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "pam", version: { version_data: [ { version_value: "pam 1.5.1", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-287", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=1901094", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1901094", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2020-27780", datePublished: "2020-12-17T23:55:45", dateReserved: "2020-10-27T00:00:00", dateUpdated: "2024-08-04T16:25:42.438Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-3238
Vulnerability from cvelistv5
Published
2015-08-24 14:00
Modified
2024-08-06 05:39
Severity ?
EPSS score ?
Summary
The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:39:32.046Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2015-10830", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html", }, { name: "RHSA-2015:1640", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1640.html", }, { name: "[oss-security] 20150625 Linux-PAM 1.2.1 released to address CVE-2015-3238", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2015/06/25/13", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1228571", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551", }, { name: "GLSA-201605-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201605-05", }, { name: "USN-2935-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2935-2", }, { name: "USN-2935-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2935-3", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { name: "USN-2935-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-2935-1", }, { name: "FEDORA-2015-10848", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html", }, { name: "75428", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/75428", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-06-25T00:00:00", descriptions: [ { lang: "en", value: "The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-12-01T15:57:02", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "FEDORA-2015-10830", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html", }, { name: "RHSA-2015:1640", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1640.html", }, { name: "[oss-security] 20150625 Linux-PAM 1.2.1 released to address CVE-2015-3238", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2015/06/25/13", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1228571", }, { tags: [ "x_refsource_MISC", ], url: "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551", }, { name: "GLSA-201605-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201605-05", }, { name: "USN-2935-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2935-2", }, { name: "USN-2935-3", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2935-3", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { name: "USN-2935-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-2935-1", }, { name: "FEDORA-2015-10848", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html", }, { name: "75428", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/75428", }, { tags: [ "x_refsource_MISC", ], url: "https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-3238", datePublished: "2015-08-24T14:00:00", dateReserved: "2015-04-10T00:00:00", dateUpdated: "2024-08-06T05:39:32.046Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-3430
Vulnerability from cvelistv5
Published
2011-01-24 17:00
Modified
2024-08-07 03:11
Severity ?
EPSS score ?
Summary
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:11:44.189Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[oss-security] 20101004 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { name: "[oss-security] 20100924 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/9", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=843807a3a90f52e7538be756616510730a24739a", }, { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/10", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641361", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { name: "[oss-security] 20101025 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2010/09/21/11", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-09-21T00:00:00", descriptions: [ { lang: "en", value: "The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2012-07-24T09:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[oss-security] 20101004 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { name: "[oss-security] 20100924 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/9", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=843807a3a90f52e7538be756616510730a24739a", }, { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/10", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641361", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { name: "[oss-security] 20101025 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2010/09/21/11", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-3430", datePublished: "2011-01-24T17:00:00", dateReserved: "2010-09-17T00:00:00", dateUpdated: "2024-08-07T03:11:44.189Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-28321
Vulnerability from cvelistv5
Published
2022-09-19 21:10
Modified
2024-08-03 05:48
Severity ?
EPSS score ?
Summary
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
References
| ▼ | URL | Tags |
|---|---|---|
| http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/ | x_refsource_MISC | |
| https://www.suse.com/security/cve/CVE-2022-28321.html | x_refsource_MISC | |
| https://bugzilla.suse.com/show_bug.cgi?id=1197654 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:48:37.939Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.suse.com/security/cve/CVE-2022-28321.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1197654", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-19T21:10:22", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.suse.com/security/cve/CVE-2022-28321.html", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1197654", }, ], source: { discovery: "INTERNAL", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-28321", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/", refsource: "MISC", url: "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/", }, { name: "https://www.suse.com/security/cve/CVE-2022-28321.html", refsource: "MISC", url: "https://www.suse.com/security/cve/CVE-2022-28321.html", }, { name: "https://bugzilla.suse.com/show_bug.cgi?id=1197654", refsource: "MISC", url: "https://bugzilla.suse.com/show_bug.cgi?id=1197654", }, ], }, source: { discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-28321", datePublished: "2022-09-19T21:10:22", dateReserved: "2022-04-01T00:00:00", dateUpdated: "2024-08-03T05:48:37.939Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-22365
Vulnerability from cvelistv5
Published
2024-02-06 00:00
Modified
2024-08-01 22:43
Severity ?
EPSS score ?
Summary
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
References
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-22365", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-02-15T21:07:13.510998Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:52:23.208Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-01T22:43:34.704Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/linux-pam/linux-pam", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/01/18/3", }, { tags: [ "x_transferred", ], url: "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", }, { tags: [ "x_transferred", ], url: "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-02-06T07:26:23.317057", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/linux-pam/linux-pam", }, { url: "http://www.openwall.com/lists/oss-security/2024/01/18/3", }, { url: "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", }, { url: "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2024-22365", datePublished: "2024-02-06T00:00:00", dateReserved: "2024-01-09T00:00:00", dateUpdated: "2024-08-01T22:43:34.704Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-3316
Vulnerability from cvelistv5
Published
2011-01-24 17:00
Modified
2024-08-07 03:03
Severity ?
EPSS score ?
Summary
The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:03:18.998Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { name: "ADV-2011-0606", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0606", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=637898", }, { name: "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663", }, { name: "[oss-security] 20100924 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { name: "[oss-security] 20100816 Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/08/16/2", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { name: "MDVSA-2010:220", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { name: "RHSA-2010:0891", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { name: "[oss-security] 20101025 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { name: "RHSA-2010:0819", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-08-16T00:00:00", descriptions: [ { lang: "en", value: "The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-10T18:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { name: "ADV-2011-0606", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0606", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=637898", }, { name: "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { tags: [ "x_refsource_MISC", ], url: "https://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663", }, { name: "[oss-security] 20100924 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { name: "[oss-security] 20100816 Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/08/16/2", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { name: "MDVSA-2010:220", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { name: "RHSA-2010:0891", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { name: "[oss-security] 20101025 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { name: "RHSA-2010:0819", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-3316", datePublished: "2011-01-24T17:00:00", dateReserved: "2010-09-13T00:00:00", dateUpdated: "2024-08-07T03:03:18.998Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-3431
Vulnerability from cvelistv5
Published
2011-01-24 17:00
Modified
2024-08-07 03:11
Severity ?
EPSS score ?
Summary
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:11:44.353Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[oss-security] 20101004 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { name: "[oss-security] 20100924 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/9", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=843807a3a90f52e7538be756616510730a24739a", }, { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/21/10", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641361", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { name: "[oss-security] 20101025 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2010/09/21/11", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-09-21T00:00:00", descriptions: [ { lang: "en", value: "The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2012-07-24T09:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[oss-security] 20101004 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { name: "[oss-security] 20100924 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/9", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=843807a3a90f52e7538be756616510730a24739a", }, { name: "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/21/10", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49711", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641361", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { name: "[oss-security] 20101025 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { name: "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2010/09/21/11", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-3431", datePublished: "2011-01-24T17:00:00", dateReserved: "2010-09-17T00:00:00", dateUpdated: "2024-08-07T03:11:44.353Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-4706
Vulnerability from cvelistv5
Published
2011-01-24 18:00
Modified
2024-08-07 03:55
Severity ?
EPSS score ?
Summary
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.
References
| ▼ | URL | Tags |
|---|---|---|
| http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-3-g05dafc06cd3dfeb7c4b24942e4e1ae33ff75a123 | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-201206-31.xml | vendor-advisory, x_refsource_GENTOO | |
| http://openwall.com/lists/oss-security/2010/10/03/1 | mailing-list, x_refsource_MLIST | |
| http://www.securityfocus.com/bid/46045 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/49711 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65035 | vdb-entry, x_refsource_XF |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:55:35.062Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-3-g05dafc06cd3dfeb7c4b24942e4e1ae33ff75a123", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[oss-security] 20101004 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { name: "46045", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/46045", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49711", }, { name: "linuxpam-pamsmclosesession-weak-security(65035)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65035", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-09-28T00:00:00", descriptions: [ { lang: "en", value: "The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-3-g05dafc06cd3dfeb7c4b24942e4e1ae33ff75a123", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[oss-security] 20101004 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { name: "46045", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/46045", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49711", }, { name: "linuxpam-pamsmclosesession-weak-security(65035)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65035", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-4706", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commit;h=Linux-PAM-1_1_2-3-g05dafc06cd3dfeb7c4b24942e4e1ae33ff75a123", refsource: "CONFIRM", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commit;h=Linux-PAM-1_1_2-3-g05dafc06cd3dfeb7c4b24942e4e1ae33ff75a123", }, { name: "GLSA-201206-31", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "[oss-security] 20101004 Re: Minor security flaw with pam_xauth", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { name: "46045", refsource: "BID", url: "http://www.securityfocus.com/bid/46045", }, { name: "49711", refsource: "SECUNIA", url: "http://secunia.com/advisories/49711", }, { name: "linuxpam-pamsmclosesession-weak-security(65035)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65035", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-4706", datePublished: "2011-01-24T18:00:00", dateReserved: "2011-01-24T00:00:00", dateUpdated: "2024-08-07T03:55:35.062Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-4708
Vulnerability from cvelistv5
Published
2011-01-24 18:00
Modified
2024-08-07 03:55
Severity ?
EPSS score ?
Summary
The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env PAM check.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65037 | vdb-entry, x_refsource_XF | |
| http://security.gentoo.org/glsa/glsa-201206-31.xml | vendor-advisory, x_refsource_GENTOO | |
| https://bugzilla.redhat.com/show_bug.cgi?id=641335 | x_refsource_MISC | |
| http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.8.xml?r1=1.7&r2=1.8 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/49711 | third-party-advisory, x_refsource_SECUNIA | |
| http://openwall.com/lists/oss-security/2010/09/27/7 | mailing-list, x_refsource_MLIST | |
| http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.c?r1=1.22&r2=1.23 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/46046 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:55:34.511Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "linuxpam-pamenv-priv-escalation(65037)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65037", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641335", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.8.xml?r1=1.7&r2=1.8", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/49711", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.c?r1=1.22&r2=1.23", }, { name: "46046", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/46046", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-09-28T00:00:00", descriptions: [ { lang: "en", value: "The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env PAM check.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "linuxpam-pamenv-priv-escalation(65037)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65037", }, { name: "GLSA-201206-31", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641335", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.8.xml?r1=1.7&r2=1.8", }, { name: "49711", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/49711", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.c?r1=1.22&r2=1.23", }, { name: "46046", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/46046", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2010-4708", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env PAM check.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "linuxpam-pamenv-priv-escalation(65037)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65037", }, { name: "GLSA-201206-31", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=641335", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=641335", }, { name: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.8.xml?r1=1.7&r2=1.8", refsource: "CONFIRM", url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.8.xml?r1=1.7&r2=1.8", }, { name: "49711", refsource: "SECUNIA", url: "http://secunia.com/advisories/49711", }, { name: "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { name: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.c?r1=1.22&r2=1.23", refsource: "CONFIRM", url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.c?r1=1.22&r2=1.23", }, { name: "46046", refsource: "BID", url: "http://www.securityfocus.com/bid/46046", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2010-4708", datePublished: "2011-01-24T18:00:00", dateReserved: "2011-01-24T00:00:00", dateUpdated: "2024-08-07T03:55:34.511Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-0887
Vulnerability from cvelistv5
Published
2009-03-12 15:00
Modified
2024-08-07 04:48
Severity ?
EPSS score ?
Summary
Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with a different user's non-ASCII username, via a login attempt.
References
| ▼ | URL | Tags |
|---|---|---|
| http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?r1=1.9&%3Br2=1.10&%3Bview=patch | x_refsource_CONFIRM | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2009:077 | vendor-advisory, x_refsource_MANDRIVA | |
| http://openwall.com/lists/oss-security/2009/03/05/1 | mailing-list, x_refsource_MLIST | |
| https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html | vendor-advisory, x_refsource_FEDORA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/49110 | vdb-entry, x_refsource_XF | |
| http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?view=log | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/34010 | vdb-entry, x_refsource_BID | |
| https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html | vendor-advisory, x_refsource_FEDORA | |
| http://secunia.com/advisories/34733 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T04:48:52.627Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?r1=1.9&%3Br2=1.10&%3Bview=patch", }, { name: "MDVSA-2009:077", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:077", }, { name: "[oss-security] 20090305 CVE Request -- pam", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2009/03/05/1", }, { name: "FEDORA-2009-3204", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html", }, { name: "linuxpam-pamstrtok-priv-escalation(49110)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/49110", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?view=log", }, { name: "34010", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/34010", }, { name: "FEDORA-2009-3231", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html", }, { name: "34733", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34733", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-03-05T00:00:00", descriptions: [ { lang: "en", value: "Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with a different user's non-ASCII username, via a login attempt.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?r1=1.9&%3Br2=1.10&%3Bview=patch", }, { name: "MDVSA-2009:077", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:077", }, { name: "[oss-security] 20090305 CVE Request -- pam", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2009/03/05/1", }, { name: "FEDORA-2009-3204", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html", }, { name: "linuxpam-pamstrtok-priv-escalation(49110)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/49110", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?view=log", }, { name: "34010", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/34010", }, { name: "FEDORA-2009-3231", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html", }, { name: "34733", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34733", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-0887", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with a different user's non-ASCII username, via a login attempt.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?r1=1.9&r2=1.10&view=patch", refsource: "CONFIRM", url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?r1=1.9&r2=1.10&view=patch", }, { name: "MDVSA-2009:077", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:077", }, { name: "[oss-security] 20090305 CVE Request -- pam", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2009/03/05/1", }, { name: "FEDORA-2009-3204", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html", }, { name: "linuxpam-pamstrtok-priv-escalation(49110)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/49110", }, { name: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?view=log", refsource: "CONFIRM", url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?view=log", }, { name: "34010", refsource: "BID", url: "http://www.securityfocus.com/bid/34010", }, { name: "FEDORA-2009-3231", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html", }, { name: "34733", refsource: "SECUNIA", url: "http://secunia.com/advisories/34733", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-0887", datePublished: "2009-03-12T15:00:00", dateReserved: "2009-03-12T00:00:00", dateUpdated: "2024-08-07T04:48:52.627Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2015-08-24 14:59
Modified
2024-11-21 02:28
Severity ?
Summary
The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| oracle | sparc-opl_service_processor | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "97736CA5-0370-4CA9-B5D4-E157B3E699F5", versionEndIncluding: "1.1.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*", matchCriteriaId: "6AF02A45-1811-44F2-B3C9-90C11F5DF6DF", versionEndIncluding: "1121", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.", }, { lang: "es", value: "Vulnerabilidad en la función _unix_run_helper_binary en el módulo pam_unix en Linux-PAM (también conocido como pam) en versiones anteriores a 1.2.1, cuando no es posible acceder directamente a las contraseñas, permite a usuarios locales enumerar los nombres de usuario o causar una denegación de servicio (colgado) a través de una contraseña larga.", }, ], id: "CVE-2015-3238", lastModified: "2024-11-21T02:28:58.363", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2015-08-24T14:59:04.010", references: [ { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1640.html", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2015/06/25/13", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/75428", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2935-1", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2935-2", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-2935-3", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1228571", }, { source: "secalert@redhat.com", url: "https://security.gentoo.org/glsa/201605-05", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2015-1640.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2015/06/25/13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/75428", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2935-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2935-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2935-3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1228571", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201605-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-02-06 08:15
Modified
2024-11-21 08:56
Severity ?
Summary
linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "8B735A60-FB87-4597-BFF4-A6ED201E71A1", versionEndExcluding: "1.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.", }, { lang: "es", value: "linux-pam (también conocido como Linux PAM) anterior a 1.6.0 permite a los atacantes provocar una denegación de servicio (proceso de inicio de sesión bloqueado) a través de mkfifo porque la llamada openat (para protect_dir) carece de O_DIRECTORY.", }, ], id: "CVE-2024-22365", lastModified: "2024-11-21T08:56:07.760", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-02-06T08:15:52.203", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Patch", "Release Notes", ], url: "http://www.openwall.com/lists/oss-security/2024/01/18/3", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://github.com/linux-pam/linux-pam", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Patch", "Release Notes", ], url: "http://www.openwall.com/lists/oss-security/2024/01/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://github.com/linux-pam/linux-pam", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-04-16 15:12
Modified
2024-11-21 01:00
Severity ?
Summary
Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| linux-pam | linux-pam | 0.99.1.0 | |
| linux-pam | linux-pam | 0.99.2.0 | |
| linux-pam | linux-pam | 0.99.2.1 | |
| linux-pam | linux-pam | 0.99.3.0 | |
| linux-pam | linux-pam | 0.99.4.0 | |
| linux-pam | linux-pam | 0.99.5.0 | |
| linux-pam | linux-pam | 0.99.6.0 | |
| linux-pam | linux-pam | 0.99.6.1 | |
| linux-pam | linux-pam | 0.99.6.2 | |
| linux-pam | linux-pam | 0.99.6.3 | |
| linux-pam | linux-pam | 0.99.7.0 | |
| linux-pam | linux-pam | 0.99.7.1 | |
| linux-pam | linux-pam | 0.99.8.0 | |
| linux-pam | linux-pam | 0.99.8.1 | |
| linux-pam | linux-pam | 0.99.9.0 | |
| linux-pam | linux-pam | 0.99.10.0 | |
| linux-pam | linux-pam | 1.0.0 | |
| linux-pam | linux-pam | 1.0.1 | |
| linux-pam | linux-pam | 1.0.2 | |
| linux-pam | linux-pam | 1.0.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "6B4EF54C-CE7D-4CCE-ACF2-3810C7ABFEFB", versionEndIncluding: "1.0.4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B59C70C7-FABE-4A45-A45D-2C7276D698DF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", matchCriteriaId: "DBA50D8F-D5A8-4123-93CF-E7714571F411", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", matchCriteriaId: "DB8820C0-1ECB-45AD-A573-5667F0D09776", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5D416053-0010-4B25-9F7C-6054C51C1685", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B97AB578-0E9E-4370-8379-0CD455F2D740", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", matchCriteriaId: "22A6147C-CC0A-4C9F-B9A9-E144F2133592", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", matchCriteriaId: "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8F94AA92-5854-46B9-8B3C-08FCC5B071CF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", matchCriteriaId: "FD5C0039-827C-45CD-99BE-95459006CA59", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", matchCriteriaId: "F4256C34-DBCA-4FE0-96A5-874D7F00869A", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1B2613D2-33C1-4132-AD9A-68190A59C0F4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", matchCriteriaId: "08FDE78F-119B-4FC8-BBFA-8048F2CF1227", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4A75789-F7EC-4D9C-942A-243DF92E5CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3753027E-D3A4-45D4-A3A3-2320C48AF6C6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", matchCriteriaId: "6533A629-6351-4831-BBF7-44718262FAF3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "516F23F9-25B3-40DB-A3CA-2F1DE0678934", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5F3ACA7F-D247-439C-8B5E-287EC5D236AF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AEC8C86C-9FC7-4838-BFD8-90431DEC4946", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.", }, { lang: "es", value: "Linux-PAM antes de v1.0.4 no aplica la edad mínima de la contraseña (MINDAYS), tal como se especifica en /etc/shadow, lo que permite a usuarios locales eludir la política de seguridad y cambiar sus contraseñas antes de lo especificado.", }, ], id: "CVE-2009-0579", lastModified: "2024-11-21T01:00:23.523", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-04-16T15:12:57.360", references: [ { source: "secalert@redhat.com", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514437", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34728", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34733", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=487216", }, { source: "secalert@redhat.com", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.redhat.com/archives/pam-list/2009-March/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514437", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34728", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34733", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=487216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.redhat.com/archives/pam-list/2009-March/msg00006.html", }, ], sourceIdentifier: "secalert@redhat.com", vendorComments: [ { comment: "Not vulnerable. This issue did not affect the versions of pam as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5. Only PAM versions 1.x were affected.", lastModified: "2009-04-16T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-01-24 19:00
Modified
2024-11-21 01:21
Severity ?
Summary
The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env PAM check.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| linux-pam | linux-pam | 0.99.1.0 | |
| linux-pam | linux-pam | 0.99.2.0 | |
| linux-pam | linux-pam | 0.99.2.1 | |
| linux-pam | linux-pam | 0.99.3.0 | |
| linux-pam | linux-pam | 0.99.4.0 | |
| linux-pam | linux-pam | 0.99.5.0 | |
| linux-pam | linux-pam | 0.99.6.0 | |
| linux-pam | linux-pam | 0.99.6.1 | |
| linux-pam | linux-pam | 0.99.6.2 | |
| linux-pam | linux-pam | 0.99.6.3 | |
| linux-pam | linux-pam | 0.99.7.0 | |
| linux-pam | linux-pam | 0.99.7.1 | |
| linux-pam | linux-pam | 0.99.8.0 | |
| linux-pam | linux-pam | 0.99.8.1 | |
| linux-pam | linux-pam | 0.99.9.0 | |
| linux-pam | linux-pam | 0.99.10.0 | |
| linux-pam | linux-pam | 1.0.0 | |
| linux-pam | linux-pam | 1.0.1 | |
| linux-pam | linux-pam | 1.0.2 | |
| linux-pam | linux-pam | 1.0.3 | |
| linux-pam | linux-pam | 1.0.4 | |
| linux-pam | linux-pam | 1.1.0 | |
| linux-pam | linux-pam | 1.1.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "13C9E7AE-3FFF-4A41-BEB0-2E37B6000901", versionEndIncluding: "1.1.2", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B59C70C7-FABE-4A45-A45D-2C7276D698DF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", matchCriteriaId: "DBA50D8F-D5A8-4123-93CF-E7714571F411", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", matchCriteriaId: "DB8820C0-1ECB-45AD-A573-5667F0D09776", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5D416053-0010-4B25-9F7C-6054C51C1685", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B97AB578-0E9E-4370-8379-0CD455F2D740", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", matchCriteriaId: "22A6147C-CC0A-4C9F-B9A9-E144F2133592", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", matchCriteriaId: "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8F94AA92-5854-46B9-8B3C-08FCC5B071CF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", matchCriteriaId: "FD5C0039-827C-45CD-99BE-95459006CA59", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", matchCriteriaId: "F4256C34-DBCA-4FE0-96A5-874D7F00869A", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1B2613D2-33C1-4132-AD9A-68190A59C0F4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", matchCriteriaId: "08FDE78F-119B-4FC8-BBFA-8048F2CF1227", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4A75789-F7EC-4D9C-942A-243DF92E5CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3753027E-D3A4-45D4-A3A3-2320C48AF6C6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", matchCriteriaId: "6533A629-6351-4831-BBF7-44718262FAF3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "516F23F9-25B3-40DB-A3CA-2F1DE0678934", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5F3ACA7F-D247-439C-8B5E-287EC5D236AF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AEC8C86C-9FC7-4838-BFD8-90431DEC4946", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EBE3BF43-7402-4CC0-A329-C8597A0758C7", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7A39C8AD-FA7C-4C64-AAB7-93CC461E73F2", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1F7BA7CC-F284-40C8-998D-FC70CCAB58D9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env PAM check.", }, { lang: "es", value: "El modulo pam_env en Linux-PAM (también conocido como pam) v1.1.2 y anteriores lee el archivo .pam_environment en el directorio home de un usuario, lo que permite a usuarios locales ejecutar programas en un entorno no deseado ejecutando programas que confían en la comprobación pam_env PAM.", }, ], id: "CVE-2010-4708", lastModified: "2024-11-21T01:21:34.470", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-01-24T19:00:02.190", references: [ { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { source: "cve@mitre.org", url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.8.xml?r1=1.7&r2=1.8", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.c?r1=1.22&r2=1.23", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/49711", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/46046", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641335", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65037", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.8.xml?r1=1.7&r2=1.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.c?r1=1.22&r2=1.23", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/49711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/46046", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641335", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65037", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-12-18 00:15
Modified
2024-11-21 05:21
Severity ?
Summary
A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1901094 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1901094 | Issue Tracking, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "693B7D7D-6BD3-4E5F-9E03-048B5BA832E7", versionEndExcluding: "1.5.1", versionStartIncluding: "1.5.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of an empty password it successfully authenticate.", }, { lang: "es", value: "Se encontró un fallo en Linux-Pam en versiones anteriores a 1.5.1 en la manera en que maneja contraseñas vacías para usuarios inexistentes. Cuando el usuario no existe, PAM intenta autenticarse con root y en el caso de una contraseña vacía, es autenticado con éxito", }, ], id: "CVE-2020-27780", lastModified: "2024-11-21T05:21:49.307", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-18T00:15:14.330", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1901094", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=1901094", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "secalert@redhat.com", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-01-24 18:00
Modified
2024-11-21 01:19
Severity ?
Summary
pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| linux-pam | linux-pam | 0.99.1.0 | |
| linux-pam | linux-pam | 0.99.2.0 | |
| linux-pam | linux-pam | 0.99.2.1 | |
| linux-pam | linux-pam | 0.99.3.0 | |
| linux-pam | linux-pam | 0.99.4.0 | |
| linux-pam | linux-pam | 0.99.5.0 | |
| linux-pam | linux-pam | 0.99.6.0 | |
| linux-pam | linux-pam | 0.99.6.1 | |
| linux-pam | linux-pam | 0.99.6.2 | |
| linux-pam | linux-pam | 0.99.6.3 | |
| linux-pam | linux-pam | 0.99.7.0 | |
| linux-pam | linux-pam | 0.99.7.1 | |
| linux-pam | linux-pam | 0.99.8.0 | |
| linux-pam | linux-pam | 0.99.8.1 | |
| linux-pam | linux-pam | 0.99.9.0 | |
| linux-pam | linux-pam | 0.99.10.0 | |
| linux-pam | linux-pam | 1.0.0 | |
| linux-pam | linux-pam | 1.0.1 | |
| linux-pam | linux-pam | 1.0.2 | |
| linux-pam | linux-pam | 1.0.3 | |
| linux-pam | linux-pam | 1.0.4 | |
| linux-pam | linux-pam | 1.1.0 | |
| linux-pam | linux-pam | 1.1.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "13C9E7AE-3FFF-4A41-BEB0-2E37B6000901", versionEndIncluding: "1.1.2", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B59C70C7-FABE-4A45-A45D-2C7276D698DF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", matchCriteriaId: "DBA50D8F-D5A8-4123-93CF-E7714571F411", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", matchCriteriaId: "DB8820C0-1ECB-45AD-A573-5667F0D09776", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5D416053-0010-4B25-9F7C-6054C51C1685", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B97AB578-0E9E-4370-8379-0CD455F2D740", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", matchCriteriaId: "22A6147C-CC0A-4C9F-B9A9-E144F2133592", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", matchCriteriaId: "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8F94AA92-5854-46B9-8B3C-08FCC5B071CF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", matchCriteriaId: "FD5C0039-827C-45CD-99BE-95459006CA59", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", matchCriteriaId: "F4256C34-DBCA-4FE0-96A5-874D7F00869A", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1B2613D2-33C1-4132-AD9A-68190A59C0F4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", matchCriteriaId: "08FDE78F-119B-4FC8-BBFA-8048F2CF1227", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4A75789-F7EC-4D9C-942A-243DF92E5CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3753027E-D3A4-45D4-A3A3-2320C48AF6C6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", matchCriteriaId: "6533A629-6351-4831-BBF7-44718262FAF3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "516F23F9-25B3-40DB-A3CA-2F1DE0678934", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5F3ACA7F-D247-439C-8B5E-287EC5D236AF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AEC8C86C-9FC7-4838-BFD8-90431DEC4946", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EBE3BF43-7402-4CC0-A329-C8597A0758C7", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7A39C8AD-FA7C-4C64-AAB7-93CC461E73F2", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1F7BA7CC-F284-40C8-998D-FC70CCAB58D9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program.", }, { lang: "es", value: "pam_namespace.c en el módulo pam_namespace para Linux-PAM (también conocido como PAM) anterior a v1.1.3 utiliza el entorno de invocación de la aplicación o servicio durante la ejecución de la secuencia de comandos namespace.init, lo que podría permitir a usuarios locales obtener privilegios mediante la ejecución de un programa setuid que se basa en la comprobación de pam_namespace, como lo demuestra el programa sudo.", }, ], id: "CVE-2010-3853", lastModified: "2024-11-21T01:19:45.497", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 6.9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-01-24T18:00:02.173", references: [ { source: "secalert@redhat.com", url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_namespace/pam_namespace.c?view=log#rev1.13", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/49711", }, { source: "secalert@redhat.com", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2011/0606", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=643043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_namespace/pam_namespace.c?view=log#rev1.13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/49711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0606", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=643043", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-01-24 19:00
Modified
2024-11-21 01:21
Severity ?
Summary
The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| linux-pam | linux-pam | 0.99.1.0 | |
| linux-pam | linux-pam | 0.99.2.0 | |
| linux-pam | linux-pam | 0.99.2.1 | |
| linux-pam | linux-pam | 0.99.3.0 | |
| linux-pam | linux-pam | 0.99.4.0 | |
| linux-pam | linux-pam | 0.99.5.0 | |
| linux-pam | linux-pam | 0.99.6.0 | |
| linux-pam | linux-pam | 0.99.6.1 | |
| linux-pam | linux-pam | 0.99.6.2 | |
| linux-pam | linux-pam | 0.99.6.3 | |
| linux-pam | linux-pam | 0.99.7.0 | |
| linux-pam | linux-pam | 0.99.7.1 | |
| linux-pam | linux-pam | 0.99.8.0 | |
| linux-pam | linux-pam | 0.99.8.1 | |
| linux-pam | linux-pam | 0.99.9.0 | |
| linux-pam | linux-pam | 0.99.10.0 | |
| linux-pam | linux-pam | 1.0.0 | |
| linux-pam | linux-pam | 1.0.1 | |
| linux-pam | linux-pam | 1.0.2 | |
| linux-pam | linux-pam | 1.0.3 | |
| linux-pam | linux-pam | 1.0.4 | |
| linux-pam | linux-pam | 1.1.0 | |
| linux-pam | linux-pam | 1.1.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "13C9E7AE-3FFF-4A41-BEB0-2E37B6000901", versionEndIncluding: "1.1.2", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B59C70C7-FABE-4A45-A45D-2C7276D698DF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", matchCriteriaId: "DBA50D8F-D5A8-4123-93CF-E7714571F411", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", matchCriteriaId: "DB8820C0-1ECB-45AD-A573-5667F0D09776", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5D416053-0010-4B25-9F7C-6054C51C1685", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B97AB578-0E9E-4370-8379-0CD455F2D740", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", matchCriteriaId: "22A6147C-CC0A-4C9F-B9A9-E144F2133592", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", matchCriteriaId: "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8F94AA92-5854-46B9-8B3C-08FCC5B071CF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", matchCriteriaId: "FD5C0039-827C-45CD-99BE-95459006CA59", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", matchCriteriaId: "F4256C34-DBCA-4FE0-96A5-874D7F00869A", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1B2613D2-33C1-4132-AD9A-68190A59C0F4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", matchCriteriaId: "08FDE78F-119B-4FC8-BBFA-8048F2CF1227", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4A75789-F7EC-4D9C-942A-243DF92E5CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3753027E-D3A4-45D4-A3A3-2320C48AF6C6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", matchCriteriaId: "6533A629-6351-4831-BBF7-44718262FAF3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "516F23F9-25B3-40DB-A3CA-2F1DE0678934", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5F3ACA7F-D247-439C-8B5E-287EC5D236AF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AEC8C86C-9FC7-4838-BFD8-90431DEC4946", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EBE3BF43-7402-4CC0-A329-C8597A0758C7", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7A39C8AD-FA7C-4C64-AAB7-93CC461E73F2", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1F7BA7CC-F284-40C8-998D-FC70CCAB58D9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.", }, { lang: "es", value: "La función check_acl en pam_xauth.c en el módulo pam_xauth en Linux-PAM (también conocido como pam) v1.1.2 y anteriores no verifica adecuadamente que un cierto archivo ACL es un archivo regular, lo que permite que usuarios locales provoquen una denegación de servicio (consumo de todos los recursos) a través de un archivo especial.", }, ], id: "CVE-2010-4707", lastModified: "2024-11-21T01:21:34.313", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.9, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-01-24T19:00:01.957", references: [ { source: "cve@mitre.org", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/49711", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/46045", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65036", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-2-gffe7058c70253d574b1963c7c93002bd410fddc9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/49711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/46045", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65036", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-03-12 15:20
Modified
2024-11-21 01:01
Severity ?
Summary
Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with a different user's non-ASCII username, via a login attempt.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| linux-pam | linux-pam | 0.99.1.0 | |
| linux-pam | linux-pam | 0.99.2.0 | |
| linux-pam | linux-pam | 0.99.2.1 | |
| linux-pam | linux-pam | 0.99.3.0 | |
| linux-pam | linux-pam | 0.99.4.0 | |
| linux-pam | linux-pam | 0.99.5.0 | |
| linux-pam | linux-pam | 0.99.6.0 | |
| linux-pam | linux-pam | 0.99.6.1 | |
| linux-pam | linux-pam | 0.99.6.2 | |
| linux-pam | linux-pam | 0.99.6.3 | |
| linux-pam | linux-pam | 0.99.7.0 | |
| linux-pam | linux-pam | 0.99.7.1 | |
| linux-pam | linux-pam | 0.99.8.0 | |
| linux-pam | linux-pam | 0.99.8.1 | |
| linux-pam | linux-pam | 0.99.9.0 | |
| linux-pam | linux-pam | 0.99.10.0 | |
| linux-pam | linux-pam | 1.0.0 | |
| linux-pam | linux-pam | 1.0.1 | |
| linux-pam | linux-pam | 1.0.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "5C8DB56B-870D-45E3-8216-ADB47FD07B2D", versionEndIncluding: "1.0.3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B59C70C7-FABE-4A45-A45D-2C7276D698DF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", matchCriteriaId: "DBA50D8F-D5A8-4123-93CF-E7714571F411", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", matchCriteriaId: "DB8820C0-1ECB-45AD-A573-5667F0D09776", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5D416053-0010-4B25-9F7C-6054C51C1685", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B97AB578-0E9E-4370-8379-0CD455F2D740", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", matchCriteriaId: "22A6147C-CC0A-4C9F-B9A9-E144F2133592", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", matchCriteriaId: "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8F94AA92-5854-46B9-8B3C-08FCC5B071CF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", matchCriteriaId: "FD5C0039-827C-45CD-99BE-95459006CA59", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", matchCriteriaId: "F4256C34-DBCA-4FE0-96A5-874D7F00869A", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1B2613D2-33C1-4132-AD9A-68190A59C0F4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", matchCriteriaId: "08FDE78F-119B-4FC8-BBFA-8048F2CF1227", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4A75789-F7EC-4D9C-942A-243DF92E5CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3753027E-D3A4-45D4-A3A3-2320C48AF6C6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", matchCriteriaId: "6533A629-6351-4831-BBF7-44718262FAF3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "516F23F9-25B3-40DB-A3CA-2F1DE0678934", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5F3ACA7F-D247-439C-8B5E-287EC5D236AF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM (aka pam) 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow remote authenticated users to obtain login access with a different user's non-ASCII username, via a login attempt.", }, { lang: "es", value: "Error de presencia de signo en entero en la función the_pam_StrTok en Linux-PAM (alias pam) 1.0.3 y anteriores, cuando un fichero de configuración contienen nombres de usuario con caracteres non-ASCII, podría permitir a los atacantes remoto causar una denegación de servicios, y podría permitir a usuarios remotos autenticados obtener login de acceso con un nombre de usuario diferente a los usuarios con caracteres non-ASCII, a través de un intento de login.", }, ], id: "CVE-2009-0887", lastModified: "2024-11-21T01:01:09.247", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 6.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:M/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 2.7, impactScore: 10, obtainAllPrivilege: true, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-03-12T15:20:50.127", references: [ { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://openwall.com/lists/oss-security/2009/03/05/1", }, { source: "cve@mitre.org", url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?r1=1.9&%3Br2=1.10&%3Bview=patch", }, { source: "cve@mitre.org", url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?view=log", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34733", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:077", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/34010", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/49110", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://openwall.com/lists/oss-security/2009/03/05/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?r1=1.9&%3Br2=1.10&%3Bview=patch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/libpam/pam_misc.c?view=log", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34733", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:077", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/34010", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/49110", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00398.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00420.html", }, ], sourceIdentifier: "cve@mitre.org", vendorComments: [ { comment: "Red Hat is aware of this issue and is tracking it via the following bug:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-0887\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/\n", lastModified: "2009-03-13T00:00:00", organization: "Red Hat", }, ], vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-189", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-09-19 22:15
Modified
2024-11-21 06:57
Severity ?
Summary
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/ | Patch, Vendor Advisory | |
| cve@mitre.org | https://bugzilla.suse.com/show_bug.cgi?id=1197654 | Issue Tracking, Patch, Vendor Advisory | |
| cve@mitre.org | https://www.suse.com/security/cve/CVE-2022-28321.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/ | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1197654 | Issue Tracking, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.suse.com/security/cve/CVE-2022-28321.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| opensuse | tumbleweed | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "7CB27F60-F24C-4A17-B9EE-4B20B47244A8", versionEndExcluding: "1.5.2-6.1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:tumbleweed:-:*:*:*:*:*:*:*", matchCriteriaId: "107C84EE-5E5C-4C36-A6DA-295144A527E9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.", }, { lang: "es", value: "El paquete Linux-PAM versiones anteriores a 1.5.2-6.1 para openSUSE Tumbleweed, permite omitir la autenticación en los inicios de sesión SSH. El módulo pam_access.so no restringe correctamente el inicio de sesión si un usuario intenta conectarse desde una dirección IP que no es resoluble por medio de DNS. En tales condiciones, un usuario con acceso denegado a una máquina puede seguir accediendo. NOTA: la relevancia de este problema es limitada en gran medida a openSUSE Tumbleweed y openSUSE Factory; no afecta a Linux-PAM upstream", }, ], id: "CVE-2022-28321", lastModified: "2024-11-21T06:57:09.883", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-19T22:15:10.913", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1197654", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.suse.com/security/cve/CVE-2022-28321.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1197654", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.suse.com/security/cve/CVE-2022-28321.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2014-04-10 20:29
Modified
2024-11-21 02:06
Severity ?
Summary
Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty function, which is used by the format_timestamp_name function.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.8:*:*:*:*:*:*:*", matchCriteriaId: "90605E61-D799-47D1-AE78-F47D0DCE4CC6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty function, which is used by the format_timestamp_name function.", }, { lang: "es", value: "Múltiples vulnerabilidades de salto de directorio en pam_timestamp.c en el módulo pam_timestamp para Linux-PAM (también conocido como pam) 1.1.8 permite a atacantes remotos crear archivos arbitrarios o posiblemente eludir la autenticación a través de un .. (punto punto) en el valor(1) PAM_RUSER para la función get_ruser o en el valor (2) PAM_TTY para la función check_tty, que es utilizada por la función format_timestamp_name.", }, ], id: "CVE-2014-2583", lastModified: "2024-11-21T02:06:34.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-04-10T20:29:20.707", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/57317", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2014/03/24/5", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2014/03/26/10", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2014/03/31/6", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/66493", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2935-1", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2935-2", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-2935-3", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", ], url: "https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8", }, { source: "cve@mitre.org", url: "https://security.gentoo.org/glsa/201605-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/57317", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2014/03/24/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2014/03/26/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2014/03/31/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/66493", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2935-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2935-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-2935-3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201605-05", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-01-24 18:00
Modified
2024-11-21 01:18
Severity ?
Summary
The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| linux-pam | linux-pam | 0.99.1.0 | |
| linux-pam | linux-pam | 0.99.2.0 | |
| linux-pam | linux-pam | 0.99.2.1 | |
| linux-pam | linux-pam | 0.99.3.0 | |
| linux-pam | linux-pam | 0.99.4.0 | |
| linux-pam | linux-pam | 0.99.5.0 | |
| linux-pam | linux-pam | 0.99.6.0 | |
| linux-pam | linux-pam | 0.99.6.1 | |
| linux-pam | linux-pam | 0.99.6.2 | |
| linux-pam | linux-pam | 0.99.6.3 | |
| linux-pam | linux-pam | 0.99.7.0 | |
| linux-pam | linux-pam | 0.99.7.1 | |
| linux-pam | linux-pam | 0.99.8.0 | |
| linux-pam | linux-pam | 0.99.8.1 | |
| linux-pam | linux-pam | 0.99.9.0 | |
| linux-pam | linux-pam | 0.99.10.0 | |
| linux-pam | linux-pam | 1.0.0 | |
| linux-pam | linux-pam | 1.0.1 | |
| linux-pam | linux-pam | 1.0.2 | |
| linux-pam | linux-pam | 1.0.3 | |
| linux-pam | linux-pam | 1.0.4 | |
| linux-pam | linux-pam | 1.1.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "D45AB07D-A1B8-4BC0-A249-A594D7895B78", versionEndIncluding: "1.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B59C70C7-FABE-4A45-A45D-2C7276D698DF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", matchCriteriaId: "DBA50D8F-D5A8-4123-93CF-E7714571F411", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", matchCriteriaId: "DB8820C0-1ECB-45AD-A573-5667F0D09776", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5D416053-0010-4B25-9F7C-6054C51C1685", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B97AB578-0E9E-4370-8379-0CD455F2D740", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", matchCriteriaId: "22A6147C-CC0A-4C9F-B9A9-E144F2133592", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", matchCriteriaId: "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8F94AA92-5854-46B9-8B3C-08FCC5B071CF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", matchCriteriaId: "FD5C0039-827C-45CD-99BE-95459006CA59", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", matchCriteriaId: "F4256C34-DBCA-4FE0-96A5-874D7F00869A", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1B2613D2-33C1-4132-AD9A-68190A59C0F4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", matchCriteriaId: "08FDE78F-119B-4FC8-BBFA-8048F2CF1227", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4A75789-F7EC-4D9C-942A-243DF92E5CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3753027E-D3A4-45D4-A3A3-2320C48AF6C6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", matchCriteriaId: "6533A629-6351-4831-BBF7-44718262FAF3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "516F23F9-25B3-40DB-A3CA-2F1DE0678934", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5F3ACA7F-D247-439C-8B5E-287EC5D236AF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AEC8C86C-9FC7-4838-BFD8-90431DEC4946", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EBE3BF43-7402-4CC0-A329-C8597A0758C7", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7A39C8AD-FA7C-4C64-AAB7-93CC461E73F2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.", }, { lang: "es", value: "Los módulos pam_env (1) y (2) pam_mail de Linux-PAM en versiones anteriores a v1.1.2 utiliza privilegios de root durante el acceso de lectura a los archivos y directorios que pertenecen a cuentas de usuario arbitrarias, lo que podría permitir a usuarios locales obtener información sensible de aprovechando esta actividad en el sistema de archivos, como se demuestra por un ataque de enlace simbólico en el archivo pam_environment. en el directorio home del usuario.", }, ], id: "CVE-2010-3435", lastModified: "2024-11-21T01:18:44.050", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.7, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-01-24T18:00:02.033", references: [ { source: "secalert@redhat.com", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6", }, { source: "secalert@redhat.com", url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/09/27/8", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/49711", }, { source: "secalert@redhat.com", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2011/0606", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641335", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/09/27/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/49711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0606", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641335", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-01-24 18:00
Modified
2024-11-21 01:18
Severity ?
Summary
The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| linux-pam | linux-pam | 0.99.1.0 | |
| linux-pam | linux-pam | 0.99.2.0 | |
| linux-pam | linux-pam | 0.99.2.1 | |
| linux-pam | linux-pam | 0.99.3.0 | |
| linux-pam | linux-pam | 0.99.4.0 | |
| linux-pam | linux-pam | 0.99.5.0 | |
| linux-pam | linux-pam | 0.99.6.0 | |
| linux-pam | linux-pam | 0.99.6.1 | |
| linux-pam | linux-pam | 0.99.6.2 | |
| linux-pam | linux-pam | 0.99.6.3 | |
| linux-pam | linux-pam | 0.99.7.0 | |
| linux-pam | linux-pam | 0.99.7.1 | |
| linux-pam | linux-pam | 0.99.8.0 | |
| linux-pam | linux-pam | 0.99.8.1 | |
| linux-pam | linux-pam | 0.99.9.0 | |
| linux-pam | linux-pam | 0.99.10.0 | |
| linux-pam | linux-pam | 1.0.0 | |
| linux-pam | linux-pam | 1.0.1 | |
| linux-pam | linux-pam | 1.0.2 | |
| linux-pam | linux-pam | 1.0.3 | |
| linux-pam | linux-pam | 1.0.4 | |
| linux-pam | linux-pam | 1.1.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "D45AB07D-A1B8-4BC0-A249-A594D7895B78", versionEndIncluding: "1.1.1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B59C70C7-FABE-4A45-A45D-2C7276D698DF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", matchCriteriaId: "DBA50D8F-D5A8-4123-93CF-E7714571F411", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", matchCriteriaId: "DB8820C0-1ECB-45AD-A573-5667F0D09776", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5D416053-0010-4B25-9F7C-6054C51C1685", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B97AB578-0E9E-4370-8379-0CD455F2D740", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", matchCriteriaId: "22A6147C-CC0A-4C9F-B9A9-E144F2133592", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", matchCriteriaId: "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8F94AA92-5854-46B9-8B3C-08FCC5B071CF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", matchCriteriaId: "FD5C0039-827C-45CD-99BE-95459006CA59", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", matchCriteriaId: "F4256C34-DBCA-4FE0-96A5-874D7F00869A", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1B2613D2-33C1-4132-AD9A-68190A59C0F4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", matchCriteriaId: "08FDE78F-119B-4FC8-BBFA-8048F2CF1227", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4A75789-F7EC-4D9C-942A-243DF92E5CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3753027E-D3A4-45D4-A3A3-2320C48AF6C6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", matchCriteriaId: "6533A629-6351-4831-BBF7-44718262FAF3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "516F23F9-25B3-40DB-A3CA-2F1DE0678934", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5F3ACA7F-D247-439C-8B5E-287EC5D236AF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AEC8C86C-9FC7-4838-BFD8-90431DEC4946", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EBE3BF43-7402-4CC0-A329-C8597A0758C7", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7A39C8AD-FA7C-4C64-AAB7-93CC461E73F2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.", }, { lang: "es", value: "La función run_coprocess en pam_xauth.c en el módulo pam_xauth de Linux-PAM (también conocido por PAM)en la versiones anteriores a v1.1.2 no comprueba los valores de retorno de la setuid, setgid, y pide setgroups sistema, que podría permitir a usuarios locales leer ficheros arbitrarios por la ejecución de un programa que se basa en la pam_xauth de la comprobación de PAM.", }, ], id: "CVE-2010-3316", lastModified: "2024-11-21T01:18:29.823", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 3.3, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-01-24T18:00:01.847", references: [ { source: "secalert@redhat.com", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6", }, { source: "secalert@redhat.com", url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/08/16/2", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/49711", }, { source: "secalert@redhat.com", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { source: "secalert@redhat.com", url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2011/0606", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=637898", }, { source: "secalert@redhat.com", url: "https://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/08/16/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/49711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0819.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-0891.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/516909/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0606", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=637898", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-07-22 17:55
Modified
2024-11-21 01:29
Severity ?
Summary
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| linux-pam | linux-pam | 0.99.1.0 | |
| linux-pam | linux-pam | 0.99.2.0 | |
| linux-pam | linux-pam | 0.99.2.1 | |
| linux-pam | linux-pam | 0.99.3.0 | |
| linux-pam | linux-pam | 0.99.4.0 | |
| linux-pam | linux-pam | 0.99.5.0 | |
| linux-pam | linux-pam | 0.99.6.0 | |
| linux-pam | linux-pam | 0.99.6.1 | |
| linux-pam | linux-pam | 0.99.6.2 | |
| linux-pam | linux-pam | 0.99.6.3 | |
| linux-pam | linux-pam | 0.99.7.0 | |
| linux-pam | linux-pam | 0.99.7.1 | |
| linux-pam | linux-pam | 0.99.8.0 | |
| linux-pam | linux-pam | 0.99.8.1 | |
| linux-pam | linux-pam | 0.99.9.0 | |
| linux-pam | linux-pam | 0.99.10.0 | |
| linux-pam | linux-pam | 1.0.0 | |
| linux-pam | linux-pam | 1.0.1 | |
| linux-pam | linux-pam | 1.0.2 | |
| linux-pam | linux-pam | 1.0.3 | |
| linux-pam | linux-pam | 1.0.4 | |
| linux-pam | linux-pam | 1.1.0 | |
| linux-pam | linux-pam | 1.1.1 | |
| linux-pam | linux-pam | 1.1.2 | |
| linux-pam | linux-pam | 1.1.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "92B08B4D-8A9C-4BF4-94AD-9ED9E86C7138", versionEndIncluding: "1.1.4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B59C70C7-FABE-4A45-A45D-2C7276D698DF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", matchCriteriaId: "DBA50D8F-D5A8-4123-93CF-E7714571F411", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", matchCriteriaId: "DB8820C0-1ECB-45AD-A573-5667F0D09776", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5D416053-0010-4B25-9F7C-6054C51C1685", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B97AB578-0E9E-4370-8379-0CD455F2D740", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", matchCriteriaId: "22A6147C-CC0A-4C9F-B9A9-E144F2133592", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", matchCriteriaId: "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8F94AA92-5854-46B9-8B3C-08FCC5B071CF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", matchCriteriaId: "FD5C0039-827C-45CD-99BE-95459006CA59", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", matchCriteriaId: "F4256C34-DBCA-4FE0-96A5-874D7F00869A", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1B2613D2-33C1-4132-AD9A-68190A59C0F4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", matchCriteriaId: "08FDE78F-119B-4FC8-BBFA-8048F2CF1227", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4A75789-F7EC-4D9C-942A-243DF92E5CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3753027E-D3A4-45D4-A3A3-2320C48AF6C6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", matchCriteriaId: "6533A629-6351-4831-BBF7-44718262FAF3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "516F23F9-25B3-40DB-A3CA-2F1DE0678934", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5F3ACA7F-D247-439C-8B5E-287EC5D236AF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AEC8C86C-9FC7-4838-BFD8-90431DEC4946", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EBE3BF43-7402-4CC0-A329-C8597A0758C7", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7A39C8AD-FA7C-4C64-AAB7-93CC461E73F2", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1F7BA7CC-F284-40C8-998D-FC70CCAB58D9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "56F68CBA-E64A-4085-8902-5EBF9A5349D6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "4B696CDD-C93E-4E88-B2DC-BB9978D879E2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).", }, { lang: "es", value: "La función _expand_arg en el módulo pam_env (modules / pam_env / pam_env.c) en Linux-PAM (también conocido como pam) antes de v1.1.5 no controla correctamente cuando la expansión de la variable de entorno puede desbordarse, lo que permite a usuarios locales provocar una denegación de servicio (el consumo de CPU).", }, ], id: "CVE-2011-3149", lastModified: "2024-11-21T01:29:50.923", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 2.1, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-07-22T17:55:01.103", references: [ { source: "cve@mitre.org", url: "http://git.fedorahosted.org/git/?p=linux-pam.git%3Ba=commitdiff%3Bh=109823cb621c900c07c4b6cdc99070d354d19444", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/46583", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/49711", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-1237-1", }, { source: "cve@mitre.org", url: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.fedorahosted.org/git/?p=linux-pam.git%3Ba=commitdiff%3Bh=109823cb621c900c07c4b6cdc99070d354d19444", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/46583", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/49711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-1237-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-10-23 14:15
Modified
2024-12-18 10:15
Severity ?
Summary
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | - | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:-:*:*:*:*:*:*:*", matchCriteriaId: "20ED7FC4-9FBB-4886-9FF0-BBBCBBE852D6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: false, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.", }, { lang: "es", value: "Se encontró una vulnerabilidad en PAM. La información secreta se almacena en la memoria, donde el atacante puede hacer que el programa víctima se ejecute enviando caracteres a su entrada estándar (stdin). Mientras esto ocurre, el atacante puede entrenar al predictor de bifurcaciones para que ejecute una cadena ROP de manera especulativa. Esta falla podría provocar la filtración de contraseñas, como las que se encuentran en /etc/shadow mientras se realizan autenticaciones.", }, ], id: "CVE-2024-10041", lastModified: "2024-12-18T10:15:05.850", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1, impactScore: 3.6, source: "secalert@redhat.com", type: "Primary", }, ], }, published: "2024-10-23T14:15:03.970", references: [ { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:10379", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:11250", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2024:9941", }, { source: "secalert@redhat.com", tags: [ "Mitigation", "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2024-10041", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2319212", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-922", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-922", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-01-24 18:00
Modified
2024-11-21 01:18
Severity ?
Summary
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "56F68CBA-E64A-4085-8902-5EBF9A5349D6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.", }, { lang: "es", value: "La aplicación de escalada de privilegios en los modúlos (1) y (2) pam_mail de Linux-PAM (también conocido como pam) v1.1.2 no comprueba el valor devuelto de la llamada al sistema setfsuid, lo que podría permitir a usuarios locales obtener información sensible aprovechando un identificador de usuario no deseado, como lo demuestra un ataque de enlace simbólico en el archivo pam_environment en el directorio home del usuario. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2010-3435.", }, ], id: "CVE-2010-3431", lastModified: "2024-11-21T01:18:43.490", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-01-24T18:00:01.970", references: [ { source: "secalert@redhat.com", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=843807a3a90f52e7538be756616510730a24739a", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/10", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/09/21/9", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/49711", }, { source: "secalert@redhat.com", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://www.openwall.com/lists/oss-security/2010/09/21/11", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641361", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=843807a3a90f52e7538be756616510730a24739a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/09/21/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/49711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.openwall.com/lists/oss-security/2010/09/21/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641361", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-01-24 19:00
Modified
2024-11-21 01:21
Severity ?
Summary
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| linux-pam | linux-pam | 0.99.1.0 | |
| linux-pam | linux-pam | 0.99.2.0 | |
| linux-pam | linux-pam | 0.99.2.1 | |
| linux-pam | linux-pam | 0.99.3.0 | |
| linux-pam | linux-pam | 0.99.4.0 | |
| linux-pam | linux-pam | 0.99.5.0 | |
| linux-pam | linux-pam | 0.99.6.0 | |
| linux-pam | linux-pam | 0.99.6.1 | |
| linux-pam | linux-pam | 0.99.6.2 | |
| linux-pam | linux-pam | 0.99.6.3 | |
| linux-pam | linux-pam | 0.99.7.0 | |
| linux-pam | linux-pam | 0.99.7.1 | |
| linux-pam | linux-pam | 0.99.8.0 | |
| linux-pam | linux-pam | 0.99.8.1 | |
| linux-pam | linux-pam | 0.99.9.0 | |
| linux-pam | linux-pam | 0.99.10.0 | |
| linux-pam | linux-pam | 1.0.0 | |
| linux-pam | linux-pam | 1.0.1 | |
| linux-pam | linux-pam | 1.0.2 | |
| linux-pam | linux-pam | 1.0.3 | |
| linux-pam | linux-pam | 1.0.4 | |
| linux-pam | linux-pam | 1.1.0 | |
| linux-pam | linux-pam | 1.1.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "13C9E7AE-3FFF-4A41-BEB0-2E37B6000901", versionEndIncluding: "1.1.2", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B59C70C7-FABE-4A45-A45D-2C7276D698DF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", matchCriteriaId: "DBA50D8F-D5A8-4123-93CF-E7714571F411", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", matchCriteriaId: "DB8820C0-1ECB-45AD-A573-5667F0D09776", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5D416053-0010-4B25-9F7C-6054C51C1685", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B97AB578-0E9E-4370-8379-0CD455F2D740", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", matchCriteriaId: "22A6147C-CC0A-4C9F-B9A9-E144F2133592", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", matchCriteriaId: "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8F94AA92-5854-46B9-8B3C-08FCC5B071CF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", matchCriteriaId: "FD5C0039-827C-45CD-99BE-95459006CA59", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", matchCriteriaId: "F4256C34-DBCA-4FE0-96A5-874D7F00869A", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1B2613D2-33C1-4132-AD9A-68190A59C0F4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", matchCriteriaId: "08FDE78F-119B-4FC8-BBFA-8048F2CF1227", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4A75789-F7EC-4D9C-942A-243DF92E5CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3753027E-D3A4-45D4-A3A3-2320C48AF6C6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", matchCriteriaId: "6533A629-6351-4831-BBF7-44718262FAF3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "516F23F9-25B3-40DB-A3CA-2F1DE0678934", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5F3ACA7F-D247-439C-8B5E-287EC5D236AF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AEC8C86C-9FC7-4838-BFD8-90431DEC4946", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EBE3BF43-7402-4CC0-A329-C8597A0758C7", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7A39C8AD-FA7C-4C64-AAB7-93CC461E73F2", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1F7BA7CC-F284-40C8-998D-FC70CCAB58D9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.", }, { lang: "es", value: "La función pam_sm_close_session en pam_xauth.c en el módulo pam_xauth en Linux-PAM (también conocido como pam) v1.1.2 y anteriores no maneja adecuadamente una característica para determinar un cierto objetivo UID, lo que permite a usuarios locales borrar archivos no buscados ejecutando un programa que confía en la comprobación del pam_xauth PAM.", }, ], id: "CVE-2010-4706", lastModified: "2024-11-21T01:21:34.170", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 4.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-01-24T19:00:01.877", references: [ { source: "cve@mitre.org", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-3-g05dafc06cd3dfeb7c4b24942e4e1ae33ff75a123", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/49711", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/46045", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65035", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=Linux-PAM-1_1_2-3-g05dafc06cd3dfeb7c4b24942e4e1ae33ff75a123", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/49711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/46045", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/65035", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2011-01-24 18:00
Modified
2024-11-21 01:18
Severity ?
Summary
The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "56F68CBA-E64A-4085-8902-5EBF9A5349D6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.", }, { lang: "es", value: "La implementación de la escalada de privilegios en los módulos pam_env (1) y (2) pam_mail de Linux-PAM (también conocido como pam) v1.1.2 no realiza la setfsgid requiere y pide setgroups sistema, que podría permitir a usuarios locales obtener información sensible mediante el aprovechamiento de permisos de grupo no deseados, como lo demuestra un ataque de enlace simbólico en el archivo pam_environment en el directorio home del usuario. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2010-3435.", }, ], id: "CVE-2010-3430", lastModified: "2024-11-21T01:18:43.363", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.7, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-01-24T18:00:01.907", references: [ { source: "secalert@redhat.com", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=843807a3a90f52e7538be756616510730a24739a", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/09/21/10", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/09/21/9", }, { source: "secalert@redhat.com", url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/49711", }, { source: "secalert@redhat.com", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2010/09/21/11", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641361", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=843807a3a90f52e7538be756616510730a24739a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/09/21/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/21/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/09/21/9", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://openwall.com/lists/oss-security/2010/09/27/10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/09/27/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/03/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://openwall.com/lists/oss-security/2010/10/25/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/49711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2010/09/21/11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2010/09/24/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=641361", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2012-07-22 17:55
Modified
2024-11-21 01:29
Severity ?
Summary
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux-pam | linux-pam | * | |
| linux-pam | linux-pam | 0.99.1.0 | |
| linux-pam | linux-pam | 0.99.2.0 | |
| linux-pam | linux-pam | 0.99.2.1 | |
| linux-pam | linux-pam | 0.99.3.0 | |
| linux-pam | linux-pam | 0.99.4.0 | |
| linux-pam | linux-pam | 0.99.5.0 | |
| linux-pam | linux-pam | 0.99.6.0 | |
| linux-pam | linux-pam | 0.99.6.1 | |
| linux-pam | linux-pam | 0.99.6.2 | |
| linux-pam | linux-pam | 0.99.6.3 | |
| linux-pam | linux-pam | 0.99.7.0 | |
| linux-pam | linux-pam | 0.99.7.1 | |
| linux-pam | linux-pam | 0.99.8.0 | |
| linux-pam | linux-pam | 0.99.8.1 | |
| linux-pam | linux-pam | 0.99.9.0 | |
| linux-pam | linux-pam | 0.99.10.0 | |
| linux-pam | linux-pam | 1.0.0 | |
| linux-pam | linux-pam | 1.0.1 | |
| linux-pam | linux-pam | 1.0.2 | |
| linux-pam | linux-pam | 1.0.3 | |
| linux-pam | linux-pam | 1.0.4 | |
| linux-pam | linux-pam | 1.1.0 | |
| linux-pam | linux-pam | 1.1.1 | |
| linux-pam | linux-pam | 1.1.2 | |
| linux-pam | linux-pam | 1.1.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", matchCriteriaId: "92B08B4D-8A9C-4BF4-94AD-9ED9E86C7138", versionEndIncluding: "1.1.4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", matchCriteriaId: "B59C70C7-FABE-4A45-A45D-2C7276D698DF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", matchCriteriaId: "DBA50D8F-D5A8-4123-93CF-E7714571F411", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", matchCriteriaId: "DB8820C0-1ECB-45AD-A573-5667F0D09776", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", matchCriteriaId: "5D416053-0010-4B25-9F7C-6054C51C1685", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", matchCriteriaId: "B97AB578-0E9E-4370-8379-0CD455F2D740", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", matchCriteriaId: "22A6147C-CC0A-4C9F-B9A9-E144F2133592", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", matchCriteriaId: "6DEF8EC8-0E0A-4C0A-95BE-FB7C23732083", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", matchCriteriaId: "C9A9AB1C-FDF8-4E98-8773-387E03CD93E1", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", matchCriteriaId: "8F94AA92-5854-46B9-8B3C-08FCC5B071CF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", matchCriteriaId: "FD5C0039-827C-45CD-99BE-95459006CA59", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", matchCriteriaId: "F4256C34-DBCA-4FE0-96A5-874D7F00869A", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", matchCriteriaId: "1B2613D2-33C1-4132-AD9A-68190A59C0F4", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", matchCriteriaId: "08FDE78F-119B-4FC8-BBFA-8048F2CF1227", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", matchCriteriaId: "C4A75789-F7EC-4D9C-942A-243DF92E5CA5", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", matchCriteriaId: "3753027E-D3A4-45D4-A3A3-2320C48AF6C6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", matchCriteriaId: "6533A629-6351-4831-BBF7-44718262FAF3", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "516F23F9-25B3-40DB-A3CA-2F1DE0678934", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", matchCriteriaId: "5F3ACA7F-D247-439C-8B5E-287EC5D236AF", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "6A30E5C3-501D-4DAA-B7F7-E42F98DEDBF9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "AEC8C86C-9FC7-4838-BFD8-90431DEC4946", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "EBE3BF43-7402-4CC0-A329-C8597A0758C7", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "7A39C8AD-FA7C-4C64-AAB7-93CC461E73F2", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "1F7BA7CC-F284-40C8-998D-FC70CCAB58D9", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "56F68CBA-E64A-4085-8902-5EBF9A5349D6", vulnerable: true, }, { criteria: "cpe:2.3:a:linux-pam:linux-pam:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "4B696CDD-C93E-4E88-B2DC-BB9978D879E2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.", }, { lang: "es", value: "Desbordamiento de búfer basado en pila en la función _assemble_line en modules/pam_env/ pam_env.c en Linux-PAM (también conocido como PAM) anterior a v1.1.5 permite a usuarios locales provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de una larga cadena de los espacios en blanco al principio del archivo ~/.pam_environment.", }, ], id: "CVE-2011-3148", lastModified: "2024-11-21T01:29:50.770", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-07-22T17:55:01.057", references: [ { source: "cve@mitre.org", url: "http://git.fedorahosted.org/git/?p=linux-pam.git%3Ba=commitdiff%3Bh=caf5e7f61c8d9288daa49b4f61962e6b1239121d", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/46583", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/49711", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-1237-1", }, { source: "cve@mitre.org", url: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://git.fedorahosted.org/git/?p=linux-pam.git%3Ba=commitdiff%3Bh=caf5e7f61c8d9288daa49b4f61962e6b1239121d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/46583", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/49711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201206-31.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-1237-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }