Lucene search
K

189 matches found

RedHat Linux
RedHat Linux
added 2015/11/19 3:38 a.m.3 views

openssh: Privilege separation weakness related to PAM support

A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users...

6.4CVSS7.1AI score0.00378EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2015/08/20 12:0 a.m.46 views

RedHat Update for pam RHSA-2015:1640-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.02705EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2015/08/19 12:0 a.m.36 views

RHEL 6 / 7 : pam (RHSA-2015:1640)

An updated pam package that fixes one security issue is now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

6.5CVSS6.2AI score0.02705EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2015/08/18 6:45 p.m.44 views

Moderate: Red Hat Security Advisory: pam security update

An updated pam package that fixes one security issue is now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

6.5CVSS6.5AI score0.02705EPSS
Exploits1References2
CNVD
CNVD
added 2015/08/14 12:0 a.m.1 views

OpenSSH PAM Support Remote Code Execution Vulnerability

OpenSSH OpenBSD Secure Shell is a set of connection tools for secure access to remote computers maintained by the OpenBSD Project Group. The tools are an open source implementation of the SSH protocol and support encryption of all transmissions, effectively blocking eavesdropping, connection...

8.4AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2015/08/14 12:0 a.m.9 views

PT-2015-3449 · Openssh +5 · Openssh +5

Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 7.0 Description: The issue is related to a use-after-free vulnerability in the mm answer pam free ctx function in monitor.c in sshd. This vulnerability might allow local users to gain privileges by leveraging control...

10CVSS7.7AI score0.9986EPSS
Exploits208References412
CNVD
CNVD
added 2015/07/10 12:0 a.m.2 views

Linux-PAM '_unix_run_helper_binary()' function denial of service vulnerability

Linux-PAM also known as PAM is an authentication mechanism for use in the Linux platform that gives system administrators the freedom to choose the authentication mechanism used by an application by providing a number of dynamically linked libraries and a set of unified APIs. A denial-of-service...

6.5CVSS6.7AI score0.02705EPSS
Exploits1References1
Fedora
Fedora
added 2015/06/30 8:20 p.m.29 views

[SECURITY] Fedora 22 Update: pam-1.1.8-19.fc22

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

6.5CVSS3.5AI score0.02705EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.5 views

Vulnerabilities of the Red Hat Enterprise Linux operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

Multiple vulnerabilities exist in the pam-1.1.1 package of the Red Hat Enterprise Linux operating system. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...

7.2CVSS5.7AI score0.00416EPSS
Exploits0References6
Fedora
Fedora
added 2014/12/18 6:7 a.m.38 views

[SECURITY] Fedora 20 Update: pam-1.1.8-2.fc20

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

5.8CVSS3.5AI score0.04087EPSS
Exploits2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Sun Solaris <= 2.5.1 PAM & unix_scheme Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/201/info There is a buffer overflow condition on arguments in Pluggable Authentication Modules PAM and unixscheme 5.4 and 5.3. Therefore, an unauthorized user could exploit this vulnerability via the passwd program to gai...

7.1AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2014/06/03 12:0 a.m.11 views

FreeBSD-SA-14:13.pam

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:13.pam Security Advisory The FreeBSD Project Topic: Incorrect error handling in PAM policy parser Category: contrib Module: pam Announced: 2014-06-03 Credits...

9.8CVSS7.2AI score0.02698EPSS
Exploits0
OSV
OSV
added 2014/04/10 12:0 a.m.3 views

UBUNTU-CVE-2014-2583

Multiple directory traversal vulnerabilities in pamtimestamp.c in the pamtimestamp module for Linux-PAM aka pam 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. dot dot in the 1 PAMRUSER value to the getruser function or 2 PAMTTY value to the checktty...

5.8CVSS6.5AI score0.04087EPSS
Exploits2References5
ATTACKERKB
ATTACKERKB
added 2013/07/17 1:41 p.m.3 views

CVE-2013-3813

Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality and integrity via vectors related to Libraries/PAM-Unix...

5.8CVSS5.6AI score0.01182EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2013/03/12 12:0 a.m.37 views

CentOS Update for pam CESA-2013:0521 centos6

Check for the Version of pam OpenVAS Vulnerability Test CentOS Update for pam CESA-2013:0521 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

4.6CVSS6.5AI score0.00696EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/02/22 12:0 a.m.33 views

RedHat Update for pam RHSA-2013:0521-02

Check for the Version of pam OpenVAS Vulnerability Test RedHat Update for pam RHSA-2013:0521-02 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

4.6CVSS6.5AI score0.00696EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2013/02/22 12:0 a.m.34 views

RedHat Update for pam RHSA-2013:0521-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.6CVSS6.4AI score0.00696EPSS
Exploits0References3
OSV
OSV
added 2012/07/22 5:55 p.m.1 views

DEBIAN-CVE-2011-3148

Stack-based buffer overflow in the assembleline function in modules/pamenv/pamenv.c in Linux-PAM aka pam before 1.1.5 allows local users to cause a denial of service crash and possibly execute arbitrary code via a long string of white spaces at the beginning of the /.pamenvironment file...

4.6CVSS7.8AI score0.00696EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2012/04/02 12:0 a.m.26 views

Fedora Update for pam FEDORA-2011-16390

Check for the Version of pam OpenVAS Vulnerability Test Fedora Update for pam FEDORA-2011-16390 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

2.1CVSS6.5AI score0.00532EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2011/12/12 12:0 a.m.24 views

Fedora Update for pam FEDORA-2011-16365

Check for the Version of pam OpenVAS Vulnerability Test Fedora Update for pam FEDORA-2011-16365 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

2.1CVSS0.00532EPSS
Exploits0References2
Rows per page
Query Builder