15 matches found
EUVD-2010-3428
Malware in sbrugna...
EUVD-2010-3433
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2010-3435
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 pamenv and 2 pammail modules in Linux-PAM aka pam before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary us...
SUSE CVE-2011-3149
The expandarg function in the pamenv module modules/pamenv/pamenv.c in Linux-PAM aka pam before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service CPU consumption...
openSUSE Security Update : pam (openSUSE-SU-2011:1204-1)
The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Medium: pam
Issue Overview: A stack-based buffer overflow flaw was found in the way the pamenv module parsed users' "/.pamenvironment" files. If an application's PAM configuration contained "userreadenv=1" this is not the default, a local attacker could use this flaw to crash the application or, possibly,...
Design/Logic Flaw
The expandarg function in the pamenv module modules/pamenv/pamenv.c in Linux-PAM aka pam before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service CPU consumption...
CVE-2011-3149
The expandarg function in the pamenv module modules/pamenv/pamenv.c in Linux-PAM aka pam before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service CPU consumption...
CVE-2011-3149
The vulnerability CVE-2011-3149 affects the pam_env module of Linux-PAM (pam) up to version before 1.1.5. The root cause is improper handling of environment variable expansion, which can overflow and allow a local attacker to cause a denial of service via CPU consumption. Affected component is pa...
SuSE 10 Security Update : pam (ZYPP Patch Number 7815)
The pamenv module is vulnerable to a stack overflow CVE-2011-3148 and a DoS condition CVE-2011-3149 when parsing users .pamenvironment files. Additionally a missing return value check inside pamxauth has been fixed. CVE-2010-3316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text...
CVE-2010-4708
The pamenv module in Linux-PAM aka pam 1.1.2 and earlier reads the .pamenvironment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pamenv PAM check...
DEBIAN-CVE-2010-4708
The pamenv module in Linux-PAM aka pam 1.1.2 and earlier reads the .pamenvironment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pamenv PAM check...
CVE-2010-4708
The pamenv module in Linux-PAM aka pam 1.1.2 and earlier reads the .pamenvironment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pamenv PAM check...
CVE-2010-4708
The pamenv module in Linux-PAM aka pam 1.1.2 and earlier reads the .pamenvironment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pamenv PAM check...
CVE-2010-4708
The pamenv module in Linux-PAM aka pam 1.1.2 and earlier reads the .pamenvironment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pamenv PAM check...