Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2011/06/06 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-1140-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.7AI score0.01929EPSS
Exploits1References2
OSV
OSV
added 2011/01/24 6:0 p.m.6 views

CVE-2010-3430

The privilege-dropping implementation in the 1 pamenv and 2 pammail modules in Linux-PAM aka pam 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a...

5.5AI score
Exploits0References16
CVE
CVE
added 2011/01/24 5:0 p.m.110 views

CVE-2010-3430

CVE-2010-3430 documents a privilege drop flaw in Linux-PAM (pam_env and pam_mail) where setfsgid/setgroups aren’t called, enabling local users to glean sensitive info via a symlink attack on ~/.pam_environment. The issue stems from Linux-PAM before version 1.1.2 pam_env/pam_mail reading files wit...

4.7CVSS5.5AI score0.0034EPSS
Exploits0References16Affected Software1
Cvelist
Cvelist
added 2011/01/24 5:0 p.m.32 views

CVE-2010-3430

The privilege-dropping implementation in the 1 pamenv and 2 pammail modules in Linux-PAM aka pam 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a...

5.4AI score0.0034EPSS
Exploits0References16
Rows per page
Query Builder