ubuntucve | Ubuntu.com | UB:CVE-2010-4706
History: Jan 24, 2011 - 12:00 a.m.

CVE-2010-4706


CVSS2: 4.9 Medium

| Metric | Value |
| --- | --- |
| Access Vector | LOCAL |
| Access Complexity | LOW |
| Authentication | NONE |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | COMPLETE |

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

EPSS: 0.0004 Low (Percentile: 5.2%)

The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in
Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to
determine a certain target uid, which might allow local users to delete
unintended files by executing a program that relies on the pam_xauth PAM
check.

Notes

| Author | Note |
| --- | --- |
| sbeattie | pam_xauth.so not enabled in default install |
| mdeslaur | introduced by this bugfix: http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commitdiff;h=60530da87ddd4ce280fbd5cae182dc7ac3b1a154#patch2; see complete patch list in CVE-2010-3435 |

| OS | OS Version | Architecture | Package | Package Version | Filename |
| --- | --- | --- | --- | --- | --- |
| ubuntu | 8.04 | noarch | pam | < 0.99.7.1-5ubuntu6.3 | UNKNOWN |
| ubuntu | 10.04 | noarch | pam | < 1.1.1-2ubuntu5.2 | UNKNOWN |
| ubuntu | 10.10 | noarch | pam | < 1.1.1-4ubuntu2.2 | UNKNOWN |
| ubuntu | 11.04 | noarch | pam | < 1.1.2-2ubuntu8.2 | UNKNOWN |
