Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

MiracleLinux 3 : pam-0.99.6.2-6.2.0.1.AXS3 (AXSA:2010-484:02)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2010-484:02 advisory. PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to...

6.9CVSS5.5AI score0.00416EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2010-3316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The runcoprocess function in pamxauth.c in the pamxauth module in Linux-PAM aka pam before 1.1.2 does not check the return values of the setuid, setgid, and...

3.3CVSS6AI score0.00366EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.25 views

RHEL 4 : pam (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pam: pamenv and pammail accessing users' file with root privileges CVE-2010-3435 - pam: pamxauth: Does no...

4.7CVSS6.8AI score0.00366EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.27 views

RHEL 3 : pam (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 3 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pam: pamenv and pammail accessing users' file with root privileges CVE-2010-3435 - The runcoprocess...

4.7CVSS5.3AI score0.00366EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/10/15 12:0 a.m.30 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : pam Multiple Vulnerabilities (NS-SA-2019-0198)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pam packages installed that are affected by multiple vulnerabilities: - pamunix.so in Linux-PAM 0.99.7.0 allows context- dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow,...

7.2CVSS6.3AI score0.04121EPSS
Exploits2References8
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.29 views

Oracle: Security Advisory (ELSA-2010-0891)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.1AI score0.00416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.42 views

Oracle Linux 5 : pam (ELSA-2010-0819)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0819 advisory. - fix insecure dropping of priviledges in pamxauth and pammail - CVE-2010-3316 637898, CVE-2010-3435 641335 Tenable has extracted the preceding...

6.9CVSS5.5AI score0.00416EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.29 views

Scientific Linux Security Update : pam on SL5.x i386/x86_64

It was discovered that the pamnamespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted for example, when pamnamespace was configured for setuid applications such as su or...

6.9CVSS5.8AI score0.00416EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2011/12/13 12:0 a.m.34 views

SuSE 10 Security Update : pam (ZYPP Patch Number 7814)

The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. Additionally a missing return value check inside pamxauth has been fixed. CVE-2010-3316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...

4.6CVSS5.2AI score0.00696EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2011/12/13 12:0 a.m.35 views

SuSE 11.1 Security Update : pam (SAT Patch Number 5342)

The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. Additionally a missing return value check inside pamxauth has been fixed. CVE-2010-3316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...

4.6CVSS5.2AI score0.00696EPSS
Exploits0References9
OPENSUSE Linux
OPENSUSE Linux
added 2011/11/03 12:8 a.m.36 views

pam: fixing stack overflow (CVE-2011-3148), a local DoS (CVE-2011-3149) and CVE-2010-3316. (important)

The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. Additionally a missing return value check inside pamxauth has been fixed CVE-2010-3316...

4.6CVSS4.3AI score0.00696EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2011/11/03 12:0 a.m.30 views

SuSE 10 Security Update : pam (ZYPP Patch Number 7815)

The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. Additionally a missing return value check inside pamxauth has been fixed. CVE-2010-3316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...

4.6CVSS5.2AI score0.00696EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2011/06/06 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-1140-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.7AI score0.01929EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2011/03/08 12:0 a.m.31 views

VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third-party updates for Service Console packages bind, pam, and rpm.

a. Service Location Protocol daemon DoS This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon SLPD. Exploitation of this vulnerability could cause SLPD to consume significant CPU resources. VMware would like to thank Nicolas Gregoire and US CERT for reporting...

7.2CVSS6.1AI score0.17223EPSS
Exploits1References11
Oracle linux
Oracle linux
added 2011/02/10 12:0 a.m.38 views

pam security update

1.1.1-4.1 - fix insecure dropping of priviledges in pamxauth, pamenv, and pammail - CVE-2010-3316 637898, CVE-2010-3435 641335 - fix insecure executing of scripts with user supplied environment variables in pamnamespace - CVE-2010-3853 643043...

7.2CVSS2.5AI score0.00416EPSS
Exploits0
CVE
CVE
added 2011/01/24 5:0 p.m.94 views

CVE-2010-3316

CVE-2010-3316 affects the pam_xauth module of Linux-PAM before 1.1.2. The issue is in pam_xauth.c: the run_coprocess function does not validate the return values of setuid, setgid, and setgroups, which may allow a local attacker to read arbitrary files by exploiting the pam_xauth PAM check. The c...

3.3CVSS5.9AI score0.00366EPSS
Exploits0References21Affected Software1
UbuntuCve
UbuntuCve
added 2011/01/24 12:0 a.m.54 views

CVE-2010-3316

The runcoprocess function in pamxauth.c in the pamxauth module in Linux-PAM aka pam before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pamxauth PAM check...

3.3CVSS6AI score0.00366EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2010/12/02 12:0 a.m.28 views

Fedora Update for pam FEDORA-2010-17155

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.9CVSS6.5AI score0.00416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/11/24 12:0 a.m.28 views

CentOS 5 : pam (CESA-2010:0819)

Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

6.9CVSS5.9AI score0.00416EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2010/11/23 12:0 a.m.28 views

Fedora Update for pam FEDORA-2010-17133

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.9CVSS6.5AI score0.00416EPSS
Exploits0References2
Rows per page
Query Builder