Oracle: Security Advisory (ELSA-2013-0521)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2013-160)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SOL16878 - PAM vulnerabilities CVE-2011-3148 and CVE-2011-3149

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

RHEL 6 : rhev-hypervisor6 (RHSA-2013:0579)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:0579 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization...

openSUSE Security Update : pam (openSUSE-SU-2011:1204-1)

The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

Amazon Linux AMI : pam (ALAS-2013-160)

A stack-based buffer overflow flaw was found in the way the pamenv module parsed users' '/.pamenvironment' files. If an application's PAM configuration contained 'userreadenv=1' this is not the default, a local attacker could use this flaw to crash the application or, possibly, escalate their...

Oracle Linux 6 : pam (ELSA-2013-0521)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0521 advisory. - fix environment file handling problems - CVE-2011-3148 746619 and CVE-2011-3148 746620 Tenable has extracted the preceding description block directly...

CentOS Update for pam CESA-2013:0521 centos6

Check for the Version of pam OpenVAS Vulnerability Test CentOS Update for pam CESA-2013:0521 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CentOS 6 : pam (CESA-2013:0521)

Updated pam packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

Medium: pam

Issue Overview: A stack-based buffer overflow flaw was found in the way the pamenv module parsed users' "/.pamenvironment" files. If an application's PAM configuration contained "userreadenv=1" this is not the default, a local attacker could use this flaw to crash the application or, possibly,...

Scientific Linux Security Update : pam on SL6.x i386/x86_64 (20130221)

A stack-based buffer overflow flaw was found in the way the pamenv module parsed users' '/.pamenvironment' files. If an application's PAM configuration contained 'userreadenv=1' this is not the default, a local attacker could use this flaw to crash the application or, possibly, escalate their...

RedHat Update for pam RHSA-2013:0521-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 6 : pam (RHSA-2013:0521)

Updated pam packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...

CVE-2011-3149

The vulnerability CVE-2011-3149 affects the pam_env module of Linux-PAM (pam) up to version before 1.1.5. The root cause is improper handling of environment variable expansion, which can overflow and allow a local attacker to cause a denial of service via CPU consumption. Affected component is pa...

Fedora Update for pam FEDORA-2011-16390

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

SuSE 11.1 Security Update : pam (SAT Patch Number 5342)

The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. Additionally a missing return value check inside pamxauth has been fixed. CVE-2010-3316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...

SuSE 10 Security Update : pam (ZYPP Patch Number 7814)

The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. Additionally a missing return value check inside pamxauth has been fixed. CVE-2010-3316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...

Fedora 15 : pam-1.1.5-1.fc15 (2011-16365)

Low impact security update from upstream. Only minor and safe changes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora Update for pam FEDORA-2011-16365

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

pam: fixing stack overflow (CVE-2011-3148), a local DoS (CVE-2011-3149) and CVE-2010-3316. (important)

The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. Additionally a missing return value check inside pamxauth has been fixed CVE-2010-3316...