93 matches found
Siemens RuggedCom Rox Path Traversal (CVE-2025-6020)
A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. This plugin only works with Tenable.ot. Please visit...
Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2026-1508)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 6.06 (SP) : pam Multiple Vulnerabilities (NS-SA-2026-0005)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has pam packages installed that are affected by multiple vulnerabilities: - pamnamespace.c in the pamnamespace module in Linux-PAM aka pam before 1.1.3 uses the environment of the invoking application or service during execution of the...
Advisory ROSA-SA-2026-3197
Software: pam 1.3.1 OS: ROSA Virtualization 2.1 unaffected versions = pam-1.3.1-39.rv3 affected versions pam-1.3.1-39.rv3 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a race...
Advisory ROSA-SA-2026-3179
Software: pam 1.3.1 OS: ROSA Virtualization 3.0 unaffected versions = pam-1.3.1-39.0.2.rv30 affected versions pam-1.3.1-39.0.2.rv30 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a...
Advisory ROSA-SA-2026-3159
Software: pam 1.3.1 OS: ROSA Virtualization 3.1 unaffected versions = pam-1.3.1-39.0.2.rv31 affected versions pam-1.3.1-39.0.2.rv31 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a...
EulerOS Virtualization 2.10.1 : pam (EulerOS-SA-2026-1137)
According to the versions of the pam package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local...
MiracleLinux 7 : pam-1.1.8-23.0.1.0.2.el7.AXS7 (AXSA:2025-10893:07)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10893:07 advisory. CVE-2025-6020: fix potential privilege escalation in pamnamspace CVEs: CVE-2025-6020 A flaw was found in linux-pam. The module pamnamespace may use access...
Security Bulletin:Vulnerability in pam affects IBM Netezza Appliance
Summary The pam package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-8941 Vulnerability Details CVEID:CVE-2025-8941 DESCRIPTION: A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local...
Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2025-2591)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.13.1 : pam (EulerOS-SA-2025-2556)
According to the versions of the pam packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.1.1.1)
The version of AOS installed on the remote host is prior to 7.1.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.1.1.1 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. For a subset of unlikely...
Oracle Linux 10 : ELSA-2025-20181-0: / pam (ELSA-2025-201810)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-201810 advisory. 1.6.1-8 - pamnamespace: fix potential privilege escalation. Resolves: CVE-2025-6020 and RHEL-101174 Tenable has extracted the preceding description block...
Advisory ROSA-SA-2025-3089
Software: pam 1.1.8 OS: rosa-server79 unaffected versions = pam-1.1.8-23.0.3.res7 affected versions pam-1.1.8-23.0.3.res7 CVE-ID: CVE-2025-6020 BDU-ID: 2025-07273 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the pamnamespace module of the Linux-PAM authentication module is caused by a race...
Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2025-2442)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP13 : pam (EulerOS-SA-2025-2452)
According to the versions of the pam packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks a...
linux-pam: Linux-pam directory Traversal
A flaw was found in linux-pam. The module pamnamespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions...
Amazon Linux 2023 : pam, pam-devel (ALAS2023-2025-1257)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1257 advisory. A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to...
Amazon Linux 2 : pam, --advisory ALAS2-2025-3057 (ALAS-2025-3057)
The version of pam installed on the remote host is prior to 1.1.8-23. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3057 advisory. A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit...
Medium: pam
Issue Overview: A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020. CVE-2025-8941 Affected...