CVE-2010-3435

2011-01-2400:00:00

ubuntu.com

4.7 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:C/I:N/A:N

0.0004 Low

EPSS

Percentile

9.4%

JSON

The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before
1.1.2 use root privileges during read access to files and directories that
belong to arbitrary user accounts, which might allow local users to obtain
sensitive information by leveraging this filesystem activity, as
demonstrated by a symlink attack on the .pam_environment file in a user’s
home directory.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599832>

Notes

Author	Note
mdeslaur	All patched below are needed, only two first were included in 1.1.2, and second introduced CVE-2010-3430 and CVE-2010-3431, which is fixed by second patch.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchpam< 0.99.7.1-5ubuntu6.3UNKNOWN
ubuntu10.04noarchpam< 1.1.1-2ubuntu5.2UNKNOWN
ubuntu10.10noarchpam< 1.1.1-4ubuntu2.2UNKNOWN
ubuntu11.04noarchpam< 1.1.2-2ubuntu8.2UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	pam	< 0.99.7.1-5ubuntu6.3	UNKNOWN
ubuntu	10.04	noarch	pam	< 1.1.1-2ubuntu5.2	UNKNOWN
ubuntu	10.10	noarch	pam	< 1.1.1-4ubuntu2.2	UNKNOWN
ubuntu	11.04	noarch	pam	< 1.1.2-2ubuntu8.2	UNKNOWN