Lucene search

K
suseSuseSUSE-SU-2011:1218-1
HistoryNov 04, 2011 - 3:08 p.m.

Security update for pam (important)

2011-11-0415:08:22
lists.opensuse.org
25
pam module update
stack overflow
dos condition
.pam_environment files
missing return value check
unix

EPSS

0

Percentile

10.1%

The pam_env module was vulnerable to a stack overflow
(CVE-2011-3148) and a DoS condition (CVE-2011-3149) when
parsing users .pam_environment files. Additionally a
missing return value check inside pam_xauth has been fixed
(CVE-2010-3316).