Lucene search
K

37 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2015-3238

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The unixrunhelperbinary function in the pamunix module in Linux-PAM aka pam before 1.2.1, when unable to directly access passwords, allows local users to...

6.5CVSS6.6AI score0.02705EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/29 1:48 a.m.54 views

Security Bulletin: Vulnerability in Pluggable Authentication Modules (PAM) affects IBM SAN Volume Controller and Storwize Family (CVE-2015-3238)

Summary There is a vulnerability in Pluggable Authentication Modules PAM that is used by IBM SAN Volume Controller and Storwize Family. These issues were disclosed by Red Hat in August 2015. Vulnerability Details CVEID: CVE-2015-3238 DESCRIPTION: Linux-PAM could allow a local attacker to obtain...

6.5CVSS6.7AI score0.02705EPSS
Exploits1Affected Software5
F5 Networks
F5 Networks
added 2023/02/21 6:52 p.m.36 views

K17494: PAM vulnerability CVE-2015-3238

Security Advisory Description The unixrunhelperbinary function in the pamunix module in Linux-PAM aka pam before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service hang via a large password. CVE-2015-3238 Impact This vulnerabili...

6.5CVSS6AI score0.02705EPSS
Exploits1Affected Software18
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/18 1:45 a.m.60 views

Security Bulletin:A vulnerability in the Linux Pluggable Authentication Module (PAM) affects the IBM FlashSystem models 840 and 900 (CVE-2015-3238)

Summary There is a vulnerability in Linux Pluggable Authentication Module PAM to which the IBM® FlashSystem™ 840 and IBM FlashSystem 900 are susceptible. An exploit of this vulnerability could allow a remote attacker to expose sensitive information and/or cause a denial of service. Vulnerability...

6.5CVSS6.8AI score0.02705EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/23 1:31 a.m.30 views

Security Bulletin: Vulnerabilities in pam affect Power Management Console (CVE-2015-3238)

Summary PAM is used by Power Hardware Management Console HMC and HMC has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-3238 DESCRIPTION: Linux-PAM could allow a local attacker to obtain sensitive information, caused by an error in the unixrunhelperbinary function in the...

6.5CVSS6.2AI score0.02705EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.33 views

SUSE: Security Advisory (SUSE-SU-2017:2701-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.3AI score0.57595EPSS
Exploits32References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2016:1645-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.4AI score0.02705EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2017:1398-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.2AI score0.02705EPSS
Exploits1References6
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/19 12:49 a.m.41 views

Security Bulletin: Pam vulnerability affects IBM SmartCloud Entry (CVE-2015-3238)

Summary IBM SmartCloud Entry is vulnerable to a pam vulnerability, which allows a local attacker exploit this vulnerability to enumerate user names and cause the system to hang. Vulnerability Details CVEID: CVE-2015-3238 DESCRIPTION: Linux-PAM could allow a local attacker to obtain sensitive...

6.5CVSS0.7AI score0.02705EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2018-1375)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.02705EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/11/21 12:0 a.m.29 views

EulerOS Virtualization 2.5.1 : pam (EulerOS-SA-2018-1375)

According to the version of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It was discovered that the unixrunhelperbinary function of PAM's unixpam module could write to a blocking pipe, possibly causing the...

6.5CVSS6.3AI score0.02705EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:10 a.m.29 views

Security Bulletin: A vulnerability in the Linux Pluggable Authentication Module (PAM) affects the IBM FlashSystem model V840 (CVE-2015-3238)

Summary There is a vulnerability in the Linux Pluggable Authentication Module PAM to which the IBM® FlashSystem™ V840 is susceptible. An exploit of this vulnerability could allow a remote attacker to expose sensitive information and/or cause a denial of service. Vulnerability Details CVEID:...

6.5CVSS0.4AI score0.02705EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 12:10 a.m.52 views

Security Bulletin: A vulnerability in the Linux Pluggable Authentication Module (PAM) affects the IBM FlashSystem model V9000 (CVE-2015-3238)

Summary There is a vulnerability in Linux Pluggable Authentication Module PAM to which the IBM® FlashSystem™ V9000 is susceptible. An exploit of this vulnerability could allow a remote attacker to expose sensitive information and/or cause a denial of service. Vulnerability Details CVEID:...

6.5CVSS0.6AI score0.02705EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:39 p.m.34 views

Security Bulletin: Vulnerabilities in Open Source pam affect IBM Security Identity Governance Appliance (CVE-2015-3238)

Summary Vulnerabilities in Open Source pam that is used by IBM Security Identity Governance Vulnerability Details CVEID: CVE-2015-3238 DESCRIPTION: Linux-PAM could allow a local attacker to obtain sensitive information, caused by an error in the unixrunhelperbinary function in the pamunix module...

6.5CVSS1AI score0.02705EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:39 p.m.30 views

Security Bulletin: A Linux-PAM vulnerability affects IBM Security Access Manager for Mobile (CVE-2015-3238)

Summary Pluggable Authentication Modules PAM provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. IBM Security Access Manager for Mobile is affected by a Linux-PAM vulnerability. Vulnerability Details CVEID:...

6.5CVSS1.2AI score0.02705EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:39 p.m.29 views

Security Bulletin: A Linux-PAM vulnerability affects IBM Security Access Manager for Web (CVE-2015-3238)

Summary Pluggable Authentication Modules PAM provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. IBM Security Access Manager for Web is affected by a Linux-PAM vulnerability. Vulnerability Details CVEID:...

6.5CVSS1.3AI score0.02705EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:31 p.m.42 views

Security Bulletin: A vulnerability in Pluggable Authentication Modules (PAM) affects IBM Security Network Protection (CVE-2015-3238)

Summary Pluggable Authentication Modules PAM provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. A security vulnerability has been discovered in PAM used with IBM Security Network Protection. Vulnerability Detai...

6.5CVSS0.7AI score0.02705EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/05/25 12:0 a.m.78 views

SUSE SLED12 / SLES12 Security Update : pam (SUSE-SU-2017:1398-1)

This update for pam fixes the following issues : - CVE-2015-3238: pamunix in conjunction with SELinux allowed for DoS attacks bsc934920. - log a hint to syslog if /etc/nologin is present, but empty bsc1015565. - If /etc/nologin is present, but empty, log a hint to syslog. bsc1015565 - Added suppo...

6.5CVSS6AI score0.02705EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2016/08/29 12:0 a.m.34 views

SUSE SLES11 Security Update : pam (SUSE-SU-2016:1645-1)

This update for pam fixes two security issues. These security issues were fixed : - CVE-2015-3238: pamunix in conjunction with SELinux allowed for DoS attacks bsc934920. - CVE-2013-7041: Compare password hashes case-sensitively bsc854480. The update package also includes non-security fixes. See...

6.5CVSS6.5AI score0.02705EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2016/05/31 12:0 a.m.31 views

GLSA-201605-05 : Linux-PAM: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201605-05 Linux-PAM: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Linux-PAM. Please review the CVE identifiers referenced below for details. Impact : Remote attackers could cause Denial of Service,...

6.5CVSS6.3AI score0.04121EPSS
Exploits3References4
Rows per page
Query Builder