Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-4706HistoryJan 24, 2011 - 7:00 p.m.
CVE-2010-4706
2011-01-2419:00:00
Debian Security Bug Tracker
security-tracker.debian.org
7
0.0004 Low
EPSS
Percentile
5.2%
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pam | < 1.1.3-1 | pam_1.1.3-1_all.deb |
| Debian | 11 | all | pam | < 1.1.3-1 | pam_1.1.3-1_all.deb |
| Debian | 10 | all | pam | < 1.1.3-1 | pam_1.1.3-1_all.deb |
| Debian | 999 | all | pam | < 1.1.3-1 | pam_1.1.3-1_all.deb |
| Debian | 13 | all | pam | < 1.1.3-1 | pam_1.1.3-1_all.deb |
Related
prion
prion
Authentication flaw
2011-01-24 19:00:00
cve
cve
CVE-2010-4706
2011-01-24 19:00:00
cvelist
cvelist
CVE-2010-4706
2011-01-24 18:00:00
ubuntucve
ubuntucve
CVE-2010-4706
2011-01-24 00:00:00
ubuntu
ubuntu
PAM vulnerabilities
2011-05-30 00:00:00
PAM regression
2011-05-31 00:00:00
openvas
openvas
Ubuntu Update for pam USN-1140-1
2011-06-06 00:00:00
Ubuntu: Security Advisory (USN-1140-2)
2011-06-06 00:00:00
Ubuntu Update for pam USN-1140-2
2011-06-06 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : pam regression (USN-1140-2)
2011-06-13 00:00:00
GLSA-201206-31 : Linux-PAM: Multiple vulnerabilities
2012-06-26 00:00:00
gentoo
gentoo
Linux-PAM: Multiple vulnerabilities
2012-06-25 00:00:00