CVE-2010-3853 - Unspecified vulnerability in Linux-Pam

CVSS 6.9 - MEDIUM

  • Attack vector: LOCAL
  • Attack complexity: MEDIUM
  • Privileges required: NONE
  • Confidentiality impact: COMPLETE
  • Integrity impact: COMPLETE
  • Availability impact: COMPLETE

Tags: local, linux-pam, nessus

Summary

pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program.

Nessus

  • NASL family: VMware ESX Local Security Checks
    NASL id: VMWARE_VMSA-2011-0004.NASL
    description: a. Service Location Protocol daemon DoS This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of this vulnerability could cause SLPD to consume significant CPU resources. VMware would like to thank Nicolas Gregoire and US CERT for reporting this issue to us. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-3609 to this issue. b. Service Console update for bind This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security issues. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3613, CVE-2010-3614, and CVE-2010-3762 to these issues. c. Service Console update for pam This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-3316, CVE-2010-3435, and CVE-2010-3853 to these issues. d. Service Console update for rpm, rpm-libs, rpm-python, and popt This patch updates rpm, rpm-libs, and rpm-python RPMs to 4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1, which resolves a security issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-2059 to this issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 52582
    published: 2011-03-08
    reporter: This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/52582
    title: VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third-party updates for Service Console packages bind, pam, and rpm.
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from VMware Security Advisory 2011-0004. 
    # The text itself is copyright (C) VMware Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(52582);
      script_version("1.34");
      script_cvs_date("Date: 2019/09/24 15:02:54");
    
      script_cve_id("CVE-2005-4889", "CVE-2010-2059", "CVE-2010-2199", "CVE-2010-3316", "CVE-2010-3435", "CVE-2010-3609", "CVE-2010-3613", "CVE-2010-3614", "CVE-2010-3762", "CVE-2010-3853");
      script_bugtraq_id(40512, 42472, 43487, 44590, 45133, 45137, 45385, 46772);
      script_xref(name:"VMSA", value:"2011-0004");
    
      script_name(english:"VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third-party updates for Service Console packages bind, pam, and rpm.");
      script_summary(english:"Checks esxupdate output for the patches");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote VMware ESXi / ESX host is missing one or more
    security-related patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "a. Service Location Protocol daemon DoS
    
       This patch fixes a denial-of-service vulnerability in
       the Service Location Protocol daemon (SLPD). Exploitation of this
       vulnerability could cause SLPD to consume significant CPU
       resources.
    
       VMware would like to thank Nicolas Gregoire and US CERT for
       reporting this issue to us.
    
       The Common Vulnerabilities and Exposures Project (cve.mitre.org)
       has assigned the name CVE-2010-3609 to this issue.
    
    b. Service Console update for bind
    
       This patch updates the bind-libs and bind-utils RPMs to version
       9.3.6-4.P1.el5_5.3, which resolves multiple security issues.
    
       The Common Vulnerabilities and Exposures project (cve.mitre.org)
       has assigned the names CVE-2010-3613, CVE-2010-3614, and
       CVE-2010-3762 to these issues.
    
    c. Service Console update for pam
    
       This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw,
       which resolves multiple security issues with PAM modules.
    
       The Common Vulnerabilities and Exposures project (cve.mitre.org)
       has assigned the names CVE-2010-3316, CVE-2010-3435, and
       CVE-2010-3853 to these issues.
    
    d. Service Console update for rpm, rpm-libs, rpm-python, and popt
    
       This patch updates rpm, rpm-libs, and rpm-python RPMs to
       4.4.2.3-20.el5_5.1, and popt to version 1.10.2.3-20.el5_5.1,
       which resolves a security issue.
    
       The Common Vulnerabilities and Exposures project (cve.mitre.org)
       has assigned the name CVE-2010-2059 to this issue."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://lists.vmware.com/pipermail/security-announce/2012/000159.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply the missing patches.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esx:4.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esx:4.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:4.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:4.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2011/03/07");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/08");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"VMware ESX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/VMware/release", "Host/VMware/version");
      script_require_ports("Host/VMware/esxupdate", "Host/VMware/esxcli_software_vibs");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("vmware_esx_packages.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/VMware/release")) audit(AUDIT_OS_NOT, "VMware ESX / ESXi");
    if (
      !get_kb_item("Host/VMware/esxcli_software_vibs") &&
      !get_kb_item("Host/VMware/esxupdate")
    ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    init_esx_check(date:"2011-03-07");
    flag = 0;
    
    
    if (
      esx_check(
        ver           : "ESX 4.0",
        patch         : "ESX400-201103401-SG",
        patch_updates : make_list("ESX400-201104401-SG", "ESX400-201110401-SG", "ESX400-201111201-SG", "ESX400-201203401-SG", "ESX400-201205401-SG", "ESX400-201206401-SG", "ESX400-201209401-SG", "ESX400-201302401-SG", "ESX400-201305401-SG", "ESX400-201310401-SG", "ESX400-201404401-SG", "ESX400-Update03", "ESX400-Update04")
      )
    ) flag++;
    if (
      esx_check(
        ver           : "ESX 4.0",
        patch         : "ESX400-201103404-SG",
        patch_updates : make_list("ESX400-Update03", "ESX400-Update04")
      )
    ) flag++;
    if (
      esx_check(
        ver           : "ESX 4.0",
        patch         : "ESX400-201103406-SG",
        patch_updates : make_list("ESX400-201203405-SG", "ESX400-201209404-SG", "ESX400-Update03", "ESX400-Update04")
      )
    ) flag++;
    if (
      esx_check(
        ver           : "ESX 4.0",
        patch         : "ESX400-201103407-SG",
        patch_updates : make_list("ESX400-201305403-SG", "ESX400-Update03", "ESX400-Update04")
      )
    ) flag++;
    
    if (
      esx_check(
        ver           : "ESX 4.1",
        patch         : "ESX410-201101201-SG",
        patch_updates : make_list("ESX40-TO-ESX41UPDATE01", "ESX410-201104401-SG", "ESX410-201110201-SG", "ESX410-201201401-SG", "ESX410-201204401-SG", "ESX410-201205401-SG", "ESX410-201206401-SG", "ESX410-201208101-SG", "ESX410-201211401-SG", "ESX410-201301401-SG", "ESX410-201304401-SG", "ESX410-201307401-SG", "ESX410-201312401-SG", "ESX410-201404401-SG", "ESX410-Update01", "ESX410-Update02", "ESX410-Update03")
      )
    ) flag++;
    if (
      esx_check(
        ver           : "ESX 4.1",
        patch         : "ESX410-201104407-SG",
        patch_updates : make_list("ESX410-201211402-SG", "ESX410-201301402-SG", "ESX410-Update02", "ESX410-Update03")
      )
    ) flag++;
    if (
      esx_check(
        ver           : "ESX 4.1",
        patch         : "ESX410-201110207-SG",
        patch_updates : make_list("ESX410-Update02", "ESX410-Update03")
      )
    ) flag++;
    
    if (
      esx_check(
        ver           : "ESXi 4.0",
        patch         : "ESXi400-201103401-SG",
        patch_updates : make_list("ESXi400-201104401-SG", "ESXi400-201110401-SG", "ESXi400-201203401-SG", "ESXi400-201205401-SG", "ESXi400-201206401-SG", "ESXi400-201209401-SG", "ESXi400-201302401-SG", "ESXi400-201305401-SG", "ESXi400-201310401-SG", "ESXi400-201404401-SG", "ESXi400-Update03", "ESXi400-Update04")
      )
    ) flag++;
    
    if (
      esx_check(
        ver           : "ESXi 4.1",
        patch         : "ESXi410-201101201-SG",
        patch_updates : make_list("ESXi410-201104401-SG", "ESXi410-201110201-SG", "ESXi410-201201401-SG", "ESXi410-201204401-SG", "ESXi410-201205401-SG", "ESXi410-201206401-SG", "ESXi410-201208101-SG", "ESXi410-201211401-SG", "ESXi410-201301401-SG", "ESXi410-201304401-SG", "ESXi410-201307401-SG", "ESXi410-201312401-SG", "ESXi410-201404401-SG", "ESXi410-Update01", "ESXi410-Update02", "ESXi410-Update03")
      )
    ) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2010-17155.NASL
    description: This update fixes moderate vulnerabilities in pam_env, pam_namespace, pam_mail, and pam_xauth modules. Default configurations (or configurations generated by authconfig) are not affected by the pam_mail and pam_namespace vulnerabilities. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 50508
    published: 2010-11-08
    reporter: This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/50508
    title: Fedora 14 : pam-1.1.1-6.fc14 (2010-17155)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2010-17155.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(50508);
      script_version("1.12");
      script_cvs_date("Date: 2019/08/02 13:32:32");
    
      script_cve_id("CVE-2010-3316", "CVE-2010-3435", "CVE-2010-3853");
      script_bugtraq_id(42472, 43487, 44590);
      script_xref(name:"FEDORA", value:"2010-17155");
    
      script_name(english:"Fedora 14 : pam-1.1.1-6.fc14 (2010-17155)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update fixes moderate vulnerabilities in pam_env, pam_namespace,
    pam_mail, and pam_xauth modules. Default configurations (or
    configurations generated by authconfig) are not affected by the
    pam_mail and pam_namespace vulnerabilities.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=637898"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=641335"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=643043"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2010-November/050475.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?cd3a90f5"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected pam package.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:pam");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:14");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/11/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/08");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^14([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 14.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC14", reference:"pam-1.1.1-6.fc14")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pam");
    }
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2010-17133.NASL
    description: This update fixes moderate vulnerabilities in pam_env, pam_namespace, pam_mail, and pam_xauth modules. Default configurations (or configurations generated by authconfig) are not affected by the pam_mail and pam_namespace vulnerabilities. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 50626
    published: 2010-11-18
    reporter: This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/50626
    title: Fedora 12 : pam-1.1.1-6.fc12 (2010-17133)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2010-17133.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(50626);
      script_version("1.10");
      script_cvs_date("Date: 2019/08/02 13:32:32");
    
      script_cve_id("CVE-2010-3316", "CVE-2010-3435", "CVE-2010-3853");
      script_xref(name:"FEDORA", value:"2010-17133");
    
      script_name(english:"Fedora 12 : pam-1.1.1-6.fc12 (2010-17133)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update fixes moderate vulnerabilities in pam_env, pam_namespace,
    pam_mail, and pam_xauth modules. Default configurations (or
    configurations generated by authconfig) are not affected by the
    pam_mail and pam_namespace vulnerabilities.
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=637898"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=641335"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=643043"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2010-November/050991.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?5c670c2f"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected pam package.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:pam");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:12");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2010/11/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^12([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 12.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC12", reference:"pam-1.1.1-6.fc12")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pam");
    }
    
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-1140-1.NASL
    description: Marcus Granado discovered that PAM incorrectly handled configuration files with non-ASCII usernames. A remote attacker could use this flaw to cause a denial of service, or possibly obtain login access with a different users username. This issue only affected Ubuntu 8.04 LTS. (CVE-2009-0887) It was discovered that the PAM pam_xauth, pam_env and pam_mail modules incorrectly handled dropping privileges when performing operations. A local attacker could use this flaw to read certain arbitrary files, and access other sensitive information. (CVE-2010-3316, CVE-2010-3430, CVE-2010-3431, CVE-2010-3435) It was discovered that the PAM pam_namespace module incorrectly cleaned the environment during execution of the namespace.init script. A local attacker could use this flaw to possibly gain privileges. (CVE-2010-3853) It was discovered that the PAM pam_xauth module incorrectly handled certain failures. A local attacker could use this flaw to delete certain unintended files. (CVE-2010-4706) It was discovered that the PAM pam_xauth module incorrectly verified certain file properties. A local attacker could use this flaw to cause a denial of service. (CVE-2010-4707). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 55102
    published: 2011-06-13
    reporter: Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/55102
    title: Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : pam vulnerabilities (USN-1140-1)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-1140-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(55102);
      script_version("1.10");
      script_cvs_date("Date: 2019/09/19 12:54:27");
    
      script_cve_id("CVE-2009-0887", "CVE-2010-3316", "CVE-2010-3430", "CVE-2010-3431", "CVE-2010-3435", "CVE-2010-3853", "CVE-2010-4706", "CVE-2010-4707");
      script_bugtraq_id(34010, 42472, 43487, 44590, 46045);
      script_xref(name:"USN", value:"1140-1");
    
      script_name(english:"Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : pam vulnerabilities (USN-1140-1)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Marcus Granado discovered that PAM incorrectly handled configuration
    files with non-ASCII usernames. A remote attacker could use this flaw
    to cause a denial of service, or possibly obtain login access with a
    different users username. This issue only affected Ubuntu 8.04 LTS.
    (CVE-2009-0887)
    
    It was discovered that the PAM pam_xauth, pam_env and pam_mail modules
    incorrectly handled dropping privileges when performing operations. A
    local attacker could use this flaw to read certain arbitrary files,
    and access other sensitive information. (CVE-2010-3316, CVE-2010-3430,
    CVE-2010-3431, CVE-2010-3435)
    
    It was discovered that the PAM pam_namespace module incorrectly
    cleaned the environment during execution of the namespace.init script.
    A local attacker could use this flaw to possibly gain privileges.
    (CVE-2010-3853)
    
    It was discovered that the PAM pam_xauth module incorrectly handled
    certain failures. A local attacker could use this flaw to delete
    certain unintended files. (CVE-2010-4706)
    
    It was discovered that the PAM pam_xauth module incorrectly verified
    certain file properties. A local attacker could use this flaw to cause
    a denial of service. (CVE-2010-4707).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/1140-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected libpam-modules package."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(189);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libpam-modules");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.10");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:11.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/03/12");
      script_set_attribute(attribute:"patch_publication_date", value:"2011/05/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2011/06/13");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(8\.04|10\.04|10\.10|11\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.04 / 10.04 / 10.10 / 11.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"8.04", pkgname:"libpam-modules", pkgver:"0.99.7.1-5ubuntu6.3")) flag++;
    if (ubuntu_check(osver:"10.04", pkgname:"libpam-modules", pkgver:"1.1.1-2ubuntu5.2")) flag++;
    if (ubuntu_check(osver:"10.10", pkgname:"libpam-modules", pkgver:"1.1.1-4ubuntu2.2")) flag++;
    if (ubuntu_check(osver:"11.04", pkgname:"libpam-modules", pkgver:"1.1.2-2ubuntu8.2")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpam-modules");
    }
    
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2010-0891.NASL
    description: Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pluggable Authentication Modules (PAM) provide a system whereby administrators can set up authentication policies without having to recompile programs that handle authentication. It was discovered that the pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges. (CVE-2010-3853) It was discovered that the pam_env and pam_mail modules used root privileges while accessing user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 50644
    published: 2010-11-18
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/50644
    title: RHEL 6 : pam (RHSA-2010:0891)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2010:0891. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(50644);
      script_version ("1.19");
      script_cvs_date("Date: 2019/10/25 13:36:15");
    
      script_cve_id("CVE-2010-3316", "CVE-2010-3435", "CVE-2010-3853", "CVE-2010-4707", "CVE-2010-4708");
      script_bugtraq_id(42472, 43487, 44590);
      script_xref(name:"RHSA", value:"2010:0891");
    
      script_name(english:"RHEL 6 : pam (RHSA-2010:0891)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated pam packages that fix three security issues are now available
    for Red Hat Enterprise Linux 6.
    
    The Red Hat Security Response Team has rated this update as having
    moderate security impact. Common Vulnerability Scoring System (CVSS)
    base scores, which give detailed severity ratings, are available for
    each vulnerability from the CVE links in the References section.
    
    Pluggable Authentication Modules (PAM) provide a system whereby
    administrators can set up authentication policies without having to
    recompile programs that handle authentication.
    
    It was discovered that the pam_namespace module executed the external
    script namespace.init with an unchanged environment inherited from an
    application calling PAM. In cases where such an environment was
    untrusted (for example, when pam_namespace was configured for setuid
    applications such as su or sudo), a local, unprivileged user could
    possibly use this flaw to escalate their privileges. (CVE-2010-3853)
    
    It was discovered that the pam_env and pam_mail modules used root
    privileges while accessing user's files. A local, unprivileged user
    could use this flaw to obtain information, from the lines that have
    the KEY=VALUE format expected by pam_env, from an arbitrary file.
    Also, in certain configurations, a local, unprivileged user using a
    service for which the pam_mail module was configured for, could use
    this flaw to obtain limited information about files or directories
    that they do not have access to. (CVE-2010-3435)
    
    Note: As part of the fix for CVE-2010-3435, this update changes the
    default value of pam_env's configuration option user_readenv to 0,
    causing the module to not read user's ~/.pam_environment configuration
    file by default, as reading it may introduce unexpected changes to the
    environment of the service using PAM, or PAM modules consulted after
    pam_env.
    
    It was discovered that the pam_xauth module did not verify the return
    values of the setuid() and setgid() system calls. A local,
    unprivileged user could use this flaw to execute the xauth command
    with root privileges and make it read an arbitrary input file.
    (CVE-2010-3316)
    
    Red Hat would like to thank Sebastian Krahmer of the SuSE Security
    Team for reporting the CVE-2010-3435 issue.
    
    All pam users should upgrade to these updated packages, which contain
    backported patches to correct these issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-3316"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-3435"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-3853"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-4707"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2010-4708"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2010:0891"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected pam, pam-debuginfo and / or pam-devel packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pam");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pam-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:pam-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2011/01/24");
      script_set_attribute(attribute:"patch_publication_date", value:"2010/11/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2010/11/18");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2010:0891";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL6", reference:"pam-1.1.1-4.el6_0.1")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"pam-debuginfo-1.1.1-4.el6_0.1")) flag++;
    
      if (rpm_check(release:"RHEL6", reference:"pam-devel-1.1.1-4.el6_0.1")) flag++;
    
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "pam / pam-debuginfo / pam-devel");
      }
    }
    
  • NASL family: Misc.
    NASL id: VMWARE_VMSA-2011-0004_REMOTE.NASL
    description: The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including arbitrary code execution vulnerabilities, in several third-party components and libraries : - bind - pam - popt - rpm - rpm-libs - rpm-python - Service Location Protocol daemon (SLPD)
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 89675
    published: 2016-03-04
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/89675
    title: VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0004) (remote check)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20101116_PAM_ON_SL6_X.NASL
    description: It was discovered that the pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges. (CVE-2010-3853) It was discovered that the pam_env and pam_mail modules used root privileges while accessing user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 60901
    published: 2012-08-01
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/60901
    title: Scientific Linux Security Update : pam on SL6.x i386/x86_64
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2010-17112.NASL
    description: This update fixes moderate vulnerabilities in pam_env, pam_namespace, pam_mail, and pam_xauth modules. Default configurations (or configurations generated by authconfig) are not affected by the pam_mail and pam_namespace vulnerabilities. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 50486
    published: 2010-11-05
    reporter: This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/50486
    title: Fedora 13 : pam-1.1.1-6.fc13 (2010-17112)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2010-0819.NASL
    description: From Red Hat Security Advisory 2010:0819 : Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pluggable Authentication Modules (PAM) provide a system whereby administrators can set up authentication policies without having to recompile programs that handle authentication. It was discovered that the pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges. (CVE-2010-3853) It was discovered that the pam_mail module used root privileges while accessing users
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 68132
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/68132
    title: Oracle Linux 5 : pam (ELSA-2010-0819)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201206-31.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201206-31 (Linux-PAM: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Linux-PAM. Please review the CVE identifiers referenced below for details. Impact : A local attacker could use specially crafted files to cause a buffer overflow, possibly resulting in privilege escalation or Denial of Service. Furthermore, a local attacker could execute specially crafted programs or symlink attacks, possibly resulting in data loss or disclosure of sensitive information. Workaround : There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 59704
    published: 2012-06-26
    reporter: This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/59704
    title: GLSA-201206-31 : Linux-PAM: Multiple vulnerabilities
  • NASL family: NewStart CGSL Local Security Checks
    NASL id: NEWSTART_CGSL_NS-SA-2019-0198_PAM.NASL
    description: The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has pam packages installed that are affected by multiple vulnerabilities: - pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters. (CVE-2007-0003) - Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified. (CVE-2009-0579) - The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check. (CVE-2010-3316) - The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 129937
    published: 2019-10-15
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/129937
    title: NewStart CGSL CORE 5.04 / MAIN 5.04 : pam Multiple Vulnerabilities (NS-SA-2019-0198)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2010-0819.NASL
    description: Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pluggable Authentication Modules (PAM) provide a system whereby administrators can set up authentication policies without having to recompile programs that handle authentication. It was discovered that the pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges. (CVE-2010-3853) It was discovered that the pam_mail module used root privileges while accessing users
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 50447
    published: 2010-11-02
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/50447
    title: RHEL 5 : pam (RHSA-2010:0819)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2010-0819.NASL
    description: Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pluggable Authentication Modules (PAM) provide a system whereby administrators can set up authentication policies without having to recompile programs that handle authentication. It was discovered that the pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges. (CVE-2010-3853) It was discovered that the pam_mail module used root privileges while accessing users
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 50804
    published: 2010-11-24
    reporter: This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/50804
    title: CentOS 5 : pam (CESA-2010:0819)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2010-0891.NASL
    description: From Red Hat Security Advisory 2010:0891 : Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Pluggable Authentication Modules (PAM) provide a system whereby administrators can set up authentication policies without having to recompile programs that handle authentication. It was discovered that the pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges. (CVE-2010-3853) It was discovered that the pam_env and pam_mail modules used root privileges while accessing user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 68144
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/68144
    title: Oracle Linux 6 : pam (ELSA-2010-0891)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2010-220.NASL
    description: Multiple vulnerabilities were discovered and corrected in pam : The pam_xauth module did not verify the return values of the setuid() and setgid() system calls. A local, unprivileged user could use this flaw to execute the xauth command with root privileges and make it read an arbitrary input file (CVE-2010-3316). The pam_mail module used root privileges while accessing users
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 50472
    published: 2010-11-04
    reporter: This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/50472
    title: Mandriva Linux Security Advisory : pam (MDVSA-2010:220)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20101101_PAM_ON_SL5_X.NASL
    description: It was discovered that the pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges. (CVE-2010-3853) It was discovered that the pam_mail module used root privileges while accessing users
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 60882
    published: 2012-08-01
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/60882
    title: Scientific Linux Security Update : pam on SL5.x i386/x86_64
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-1140-2.NASL
    description: USN-1140-1 fixed vulnerabilities in PAM. A regression was found that caused cron to stop working with a
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 55103
    published: 2011-06-13
    reporter: Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/55103
    title: Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : pam regression (USN-1140-2)

Redhat

advisories
  • rhsa
    id: RHSA-2010:0819
  • rhsa
    id: RHSA-2010:0891
rpms
  • pam-0:0.99.6.2-6.el5_5.2
  • pam-debuginfo-0:0.99.6.2-6.el5_5.2
  • pam-devel-0:0.99.6.2-6.el5_5.2
  • pam-0:1.1.1-4.el6_0.1
  • pam-debuginfo-0:1.1.1-4.el6_0.1
  • pam-devel-0:1.1.1-4.el6_0.1