Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDE51D5B1A-4638-11E1-9F47-00E0815B8DA8
HistoryDec 23, 2011 - 12:00 a.m.

FreeBSD -- pam_ssh() does not validate service names

2011-12-2300:00:00
vuxml.freebsd.org
5

0.001 Low

EPSS

Percentile

26.3%

JSON

Problem Description:
Some third-party applications, including KDE’s kcheckpass command,
allow the user to specify the name of the policy on the command
line. Since OpenPAM treats the policy name as a path relative to
/etc/pam.d or /usr/local/etc/pam.d, users who are permitted to run
such an application can craft their own policies and cause the
application to load and execute their own modules.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchfreebsd= 7.3UNKNOWN
FreeBSDanynoarchfreebsd< 7.3_9UNKNOWN

Related

openvas 2
cvelist 2
prion 2
securityvulns 2
cve 2
freebsd_advisory 1
nessus 1
openvas
openvas
FreeBSD Ports: FreeBSD
2012-02-12 00:00:00
FreeBSD Ports: FreeBSD
2012-02-12 00:00:00
cvelist
cvelist
CVE-2011-4122
2011-11-17 19:00:00
CVE-2011-5054
2012-01-06 21:00:00
prion
prion
Directory traversal
2011-11-17 19:55:00
Design/Logic Flaw
2012-01-06 21:55:00
securityvulns
securityvulns
FreeBSD multiple security vulnerabilities
2012-01-02 00:00:00
FreeBSD Security Advisory FreeBSD-SA-11:10.pam
2012-01-02 00:00:00
cve
cve
CVE-2011-4122
2011-11-17 19:55:00
CVE-2011-5054
2012-01-06 21:55:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-11:10.pam
2011-12-23 00:00:00
nessus
nessus
FreeBSD : FreeBSD -- pam_ssh() does not validate service names (e51d5b1a-4638-11e1-9f47-00e0815b8da8)
2012-01-31 00:00:00

0.001 Low

EPSS

Percentile

26.3%

JSON
Related for E51D5B1A-4638-11E1-9F47-00E0815B8DA8
openvas2cvelist2prion2securityvulns2cve2freebsd_advisory1nessus1