Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.4 views

SUSE CVE-2010-3431

The privilege-dropping implementation in the 1 pamenv and 2 pammail modules in Linux-PAM aka pam 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on...

1.9CVSS6.2AI score0.00349EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2011/06/06 12:0 a.m.31 views

Ubuntu: Security Advisory (USN-1140-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.7AI score0.01929EPSS
Exploits1References2
Cvelist
Cvelist
added 2011/01/24 5:0 p.m.53 views

CVE-2010-3431

The privilege-dropping implementation in the 1 pamenv and 2 pammail modules in Linux-PAM aka pam 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on...

5.4AI score0.00349EPSS
Exploits0References16
CVE
CVE
added 2011/01/24 5:0 p.m.94 views

CVE-2010-3431

The CVE-2010-3431 entry concerns Linux-PAM (pam) privilege elevation via pam_env/pam_mail. Affected if using pam before 1.1.2 where setfsuid return values are not checked, enabling local users to obtain sensitive information through root-privilege filesystem activity (notably a symlink attack on ...

1.9CVSS5.5AI score0.00349EPSS
Exploits0References16Affected Software1
Rows per page
Query Builder