CVE-2011-3149

🗓️ 22 Jul 2012 17:00:00Reported by Debian Security Bug TrackerType

debiancve

debiancve🔗 security-tracker.debian.org👁 27 Views

The _expand_arg function in Linux-PAM before version 1.1.5 allows local users to cause denial of servic

Reporter	Title	Published	Views	Family All 76
Amazon	Medium: pam	2 Mar 201300:00	–	amazon
Tenable Nessus	Amazon Linux AMI : pam (ALAS-2013-160)	4 Sep 201300:00	–	nessus
Tenable Nessus	CentOS 6 : pam (CESA-2013:0521)	10 Mar 201300:00	–	nessus
Tenable Nessus	Debian DSA-2326-1 : pam - several vulnerabilities	25 Oct 201100:00	–	nessus
Tenable Nessus	Fedora 15 : pam-1.1.5-1.fc15 (2011-16365)	12 Dec 201100:00	–	nessus
Tenable Nessus	Fedora 16 : pam-1.1.5-1.fc16 (2011-16390)	5 Dec 201100:00	–	nessus
Tenable Nessus	GLSA-201206-31 : Linux-PAM: Multiple vulnerabilities	26 Jun 201200:00	–	nessus
Tenable Nessus	MiracleLinux 4 : pam-1.1.1-13.AXS4 (AXSA:2013-122:01)	16 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 6 : pam (ELSA-2013-0521)	12 Jul 201300:00	–	nessus
Tenable Nessus	RHEL 6 : pam (RHSA-2013:0521)	21 Feb 201300:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Debian	11	any	pam	1.1.3-5	pam_1.1.3-5_any.deb
Debian	12	any	pam	1.1.3-5	pam_1.1.3-5_any.deb
Debian	13	any	pam	1.1.3-5	pam_1.1.3-5_any.deb
Debian	14	any	pam	1.1.3-5	pam_1.1.3-5_any.deb
Debian	999	any	pam	1.1.3-5	pam_1.1.3-5_any.deb

22 Jul 2012 17:00Current

5.8Medium risk

Vulners AI Score5.8

CVSS 22.1

EPSS0.00532

linux-pam pam_env module denial of service