4 matches found
SUSE CVE-2010-3431
The privilege-dropping implementation in the 1 pamenv and 2 pammail modules in Linux-PAM aka pam 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on...
Ubuntu: Security Advisory (USN-1140-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2010-3431
The privilege-dropping implementation in the 1 pamenv and 2 pammail modules in Linux-PAM aka pam 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on...
CVE-2010-3431
The CVE-2010-3431 entry concerns Linux-PAM (pam) privilege elevation via pam_env/pam_mail. Affected if using pam before 1.1.2 where setfsuid return values are not checked, enabling local users to obtain sensitive information through root-privilege filesystem activity (notably a symlink attack on ...