4 matches found
Ubuntu: Security Advisory (USN-1140-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-3430
The privilege-dropping implementation in the 1 pamenv and 2 pammail modules in Linux-PAM aka pam 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a...
CVE-2010-3430
CVE-2010-3430 documents a privilege drop flaw in Linux-PAM (pam_env and pam_mail) where setfsgid/setgroups aren’t called, enabling local users to glean sensitive info via a symlink attack on ~/.pam_environment. The issue stems from Linux-PAM before version 1.1.2 pam_env/pam_mail reading files wit...
CVE-2010-3430
The privilege-dropping implementation in the 1 pamenv and 2 pammail modules in Linux-PAM aka pam 1.1.2 does not perform the required setfsgid and setgroups system calls, which might allow local users to obtain sensitive information by leveraging unintended group permissions, as demonstrated by a...