| Reporter | Title | Published | Views | Family All 190 |
|---|---|---|---|---|
| Security Bulletin: Vulnerability in pam affects IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems (CVE-2013-7041) | 14 Apr 202314:32 | – | ibm | |
| Security Bulletin: IBM Flex System Manager (FSM) is affected by a Pluggable Authentication Module (PAM) vulnerability (CVE-2013-7041) | 18 Jun 201801:33 | – | ibm | |
| Security Bulletin: Vulnerabilities in PAM affect Power Hardware Management Console (CVE-2013-7041 and CVE-2015-3238) | 23 Sep 202101:31 | – | ibm | |
| Medium: pam | 15 Jun 201400:00 | – | amazon | |
| Amazon Linux AMI : pam (ALAS-2014-354) | 12 Oct 201400:00 | – | nessus | |
| CentOS 5 : pam (CESA-2010:0819) | 24 Nov 201000:00 | – | nessus | |
| Fedora 10 : pam-1.0.4-4.fc10 (2009-3204) | 23 Apr 200900:00 | – | nessus | |
| Fedora 9 : pam-1.0.4-4.fc9 (2009-3231) | 15 Apr 200900:00 | – | nessus | |
| Fedora 13 : pam-1.1.1-6.fc13 (2010-17112) | 5 Nov 201000:00 | – | nessus | |
| Fedora 12 : pam-1.1.1-6.fc12 (2010-17133) | 18 Nov 201000:00 | – | nessus |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from ZTE advisory NS-SA-2026-0005. The text
# itself is copyright (C) ZTE, Inc.
##
include('compat.inc');
if (description)
{
script_id(301209);
script_version("1.1");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/03/06");
script_cve_id(
"CVE-2007-0003",
"CVE-2009-0579",
"CVE-2010-3316",
"CVE-2010-3435",
"CVE-2010-3853",
"CVE-2013-7041",
"CVE-2014-2583"
);
script_name(english:"NewStart CGSL MAIN 6.06 (SP) : pam Multiple Vulnerabilities (NS-SA-2026-0005)");
script_set_attribute(attribute:"synopsis", value:
"The remote NewStart CGSL host is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The remote NewStart CGSL host, running version MAIN 6.06 (SP), has pam packages installed that are affected by multiple
vulnerabilities:
- pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of
the invoking application or service during execution of the namespace.init script, which might allow local
users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as
demonstrated by the sudo program. (CVE-2010-3853)
- pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers to log into accounts whose password
hash, as stored in /etc/passwd or /etc/shadow, has only two characters. (CVE-2007-0003)
- Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow,
which allows local users to bypass intended security policy and change their passwords sooner than
specified. (CVE-2009-0579)
- The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does
not check the return values of the setuid, setgid, and setgroups system calls, which might allow local
users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.
(CVE-2010-3316)
- The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during
read access to files and directories that belong to arbitrary user accounts, which might allow local users
to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink
attack on the .pam_environment file in a user's home directory. (CVE-2010-3435)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/notice/NS-SA-2026-0005");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2007-0003");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2009-0579");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2010-3316");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2010-3435");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2010-3853");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2013-7041");
script_set_attribute(attribute:"see_also", value:"https://security.gd-linux.com/info/CVE-2014-2583");
script_set_attribute(attribute:"solution", value:
"Upgrade the vulnerable CGSL pam packages. Note that updated packages may not be available yet. Please contact ZTE for
more information.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2007-0003");
script_set_attribute(attribute:"cvss3_score_source", value:"CVE-2010-3853");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2007/01/23");
script_set_attribute(attribute:"patch_publication_date", value:"2026/03/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2026/03/06");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:pam");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:zte:cgsl_main:pam-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:zte:cgsl_main:6");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"NewStart CGSL Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info2.nasl");
script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");
exit(0);
}
include('rpm2.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/ZTE-CGSL/release');
if (isnull(os_release) || os_release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');
if (os_release !~ "CGSL\sMAIN\s6\.06\s\(SP\)")
audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.06 (SP)');
if (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);
var flag = 0;
var pkgs = {
'CGSL MAIN 6.06 (SP)': [
'pam-1.3.1-16.0.1.zncgsl6_6.1.t1.0',
'pam-devel-1.3.1-16.0.1.zncgsl6_6.1.t1.0'
]
};
var pkg_list = pkgs[os_release];
var pkg;
foreach (pkg in pkg_list)
if (rpm_check(reference:pkg, release:'ZTE ' + os_release, rpm_spec_vers_cmp:TRUE)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pam');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation