Lucene search
RootSSV:62120HistoryApr 10, 2014 - 12:00 a.m.
Linux-PAM "pam_timestamp"模块目录遍历漏洞
2014-04-1000:00:00
Root
www.seebug.org
19
0.003 Low
EPSS
Percentile
71.6%
CVE ID:CVE-2014-2583
Linux-PAM是一款基于Linux的插入式验证模块。
通过PAM_RUSER和PAM_TTY传递的输入在用于创建文件时缺少校验,允许攻击者利用漏洞通过特制的PAM_RUSER或PAM_TTY值来绕过验证或创建任意文件。
0
Linux-PAM 1.x
目前厂商已经发布了升级补丁以修复漏洞,请下载使用:
https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8
Related
prion
prion
Directory traversal
2014-04-10 20:29:00
cve
cve
CVE-2014-2583
2014-04-10 20:29:20
ubuntucve
ubuntucve
CVE-2014-2583
2014-04-10 00:00:00
nvd
nvd
CVE-2014-2583
2014-04-10 20:29:20
nessus
nessus
SuSE 11.3 Security Update : pam (SAT Patch Number 9119)
2014-05-13 00:00:00
Fedora 20 : pam-1.1.8-2.fc20 (2014-16350)
2014-12-18 00:00:00
Amazon Linux AMI : pam (ALAS-2014-354)
2014-10-12 00:00:00
debiancve
debiancve
CVE-2014-2583
2014-04-10 20:29:20
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:0631-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2015-0213)
2022-01-28 00:00:00
Amazon Linux: Security Advisory (ALAS-2014-354)
2015-09-08 00:00:00
cvelist
cvelist
CVE-2014-2583
2014-04-10 14:00:00
amazon
amazon
Medium: pam
2014-06-15 16:18:00
fedora
fedora
[SECURITY] Fedora 20 Update: pam-1.1.8-2.fc20
2014-12-18 06:07:52
mageia
mageia
Updated pam packages fix security vulnerabilities
2015-05-12 22:37:48
ubuntu
ubuntu
PAM regression
2016-03-16 00:00:00
PAM regression
2016-03-17 00:00:00
PAM vulnerabilities
2016-03-16 00:00:00
cloudfoundry
cloudfoundry
USN-2935-2 PAM regression | Cloud Foundry
2016-05-06 00:00:00
gentoo
gentoo
Linux-PAM: Multiple vulnerabilities
2016-05-31 00:00:00