Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-3148HistoryJul 22, 2012 - 5:55 p.m.
CVE-2011-3148
2012-07-2217:55:00
Debian Security Bug Tracker
security-tracker.debian.org
9
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pam | < 1.1.3-5 | pam_1.1.3-5_all.deb |
| Debian | 11 | all | pam | < 1.1.3-5 | pam_1.1.3-5_all.deb |
| Debian | 10 | all | pam | < 1.1.3-5 | pam_1.1.3-5_all.deb |
| Debian | 999 | all | pam | < 1.1.3-5 | pam_1.1.3-5_all.deb |
| Debian | 13 | all | pam | < 1.1.3-5 | pam_1.1.3-5_all.deb |
Related
prion
prion
Stack overflow
2012-07-22 17:55:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:57:42
ubuntucve
ubuntucve
CVE-2011-3148
2011-10-24 00:00:00
cve
cve
CVE-2011-3148
2012-07-22 17:55:00
nessus
nessus
CentOS 6 : pam (CESA-2013:0521)
2013-03-10 00:00:00
Scientific Linux Security Update : pam on SL6.x i386/x86_64 (20130221)
2013-03-01 00:00:00
openSUSE Security Update : pam (openSUSE-SU-2011:1204-1)
2014-06-13 00:00:00
openvas
openvas
CentOS Update for pam CESA-2013:0521 centos6
2013-03-12 00:00:00
Oracle: Security Advisory (ELSA-2013-0521)
2015-10-06 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-160)
2015-09-08 00:00:00
osv
osv
pam - several
2011-10-24 00:00:00
f5
f5
SOL16878 - PAM vulnerabilities CVE-2011-3148 and CVE-2011-3149
2015-07-02 00:00:00
K16878 : PAM vulnerabilities CVE-2011-3148 and CVE-2011-3149
2015-07-02 00:00:00
securityvulns
securityvulns
pam buffer overflow
2011-10-26 00:00:00
[SECURITY] [DSA 2326-1] pam security update
2011-10-26 00:00:00
oraclelinux
oraclelinux
pam security, bug fix, and enhancement update
2013-02-22 00:00:00
centos
centos
pam security update
2013-02-27 19:37:13
redhat
redhat
suse
suse
pam: fixing stack overflow (CVE-2011-3148), a local DoS (CVE-2011-3149) and CVE-2010-3316. (important)
2011-11-03 00:08:35
Security update for pam (important)
2011-11-03 00:08:45
debian
debian
[SECURITY] [DSA 2326-1] pam security update
2011-10-24 17:06:11
amazon
amazon
Medium: pam
2013-03-02 16:48:00
ubuntu
ubuntu
PAM vulnerabilities
2011-10-24 00:00:00
gentoo
gentoo
Linux-PAM: Multiple vulnerabilities
2012-06-25 00:00:00
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.2%
Related for DEBIANCVE:CVE-2011-3148