Lucene search
Ubuntu.comUB:CVE-2014-2583HistoryApr 10, 2014 - 12:00 a.m.
CVE-2014-2583
2014-04-1000:00:00
ubuntu.com
ubuntu.com
11
0.003 Low
EPSS
Percentile
71.6%
Multiple directory traversal vulnerabilities in pam_timestamp.c in the
pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to
create arbitrary files or possibly bypass authentication via a โฆ (dot dot)
in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value
to the check_tty function, which is used by the format_timestamp_name
function.
Notes
| Author | Note |
|---|---|
| jdstrand | Ubuntu does not use pam_timestamp.so by default |
References
Related
prion
prion
Directory traversal
2014-04-10 20:29:00
cve
cve
CVE-2014-2583
2014-04-10 20:29:20
nessus
nessus
SuSE 11.3 Security Update : pam (SAT Patch Number 9119)
2014-05-13 00:00:00
Amazon Linux AMI : pam (ALAS-2014-354)
2014-10-12 00:00:00
Fedora 20 : pam-1.1.8-2.fc20 (2014-16350)
2014-12-18 00:00:00
debiancve
debiancve
CVE-2014-2583
2014-04-10 20:29:20
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:0631-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2015-0213)
2022-01-28 00:00:00
Fedora Update for pam FEDORA-2014-16350
2014-12-19 00:00:00
seebug
seebug
Linux-PAM "pam_timestamp"ๆจกๅ็ฎๅฝ้ๅๆผๆด
2014-04-10 00:00:00
cvelist
cvelist
CVE-2014-2583
2014-04-10 14:00:00
amazon
amazon
Medium: pam
2014-06-15 16:18:00
fedora
fedora
[SECURITY] Fedora 20 Update: pam-1.1.8-2.fc20
2014-12-18 06:07:52
mageia
mageia
Updated pam packages fix security vulnerabilities
2015-05-12 22:37:48
ubuntu
ubuntu
PAM regression
2016-03-16 00:00:00
PAM regression
2016-03-17 00:00:00
PAM vulnerabilities
2016-03-16 00:00:00
cloudfoundry
cloudfoundry
USN-2935-2 PAM regression | Cloud Foundry
2016-05-06 00:00:00
gentoo
gentoo
Linux-PAM: Multiple vulnerabilities
2016-05-31 00:00:00