Vulnerability CVE-2010-3435


Published: 2011-01-24   Modified: 2012-02-13

Description:
The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.

Type:

CWE-Other

CVSS2 => (AV:L/AC:M/Au:N/C:C/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.7/10
6.9/10
3.4/10
Exploit range
Attack complexity
Authentication
Local
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
None
None
Affected software
Linux-pam -> Linux-pam 
Kernel -> Linux-pam 

 References:
http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commit;h=06f882f30092a39a1db867c9744b2ca8d60e4ad6
http://lists.vmware.com/pipermail/security-announce/2011/000126.html
http://openwall.com/lists/oss-security/2010/09/21/3
http://openwall.com/lists/oss-security/2010/09/27/10
http://openwall.com/lists/oss-security/2010/09/27/4
http://openwall.com/lists/oss-security/2010/09/27/5
http://openwall.com/lists/oss-security/2010/09/27/7
http://openwall.com/lists/oss-security/2010/09/27/8
http://openwall.com/lists/oss-security/2010/10/25/2
http://security.gentoo.org/glsa/glsa-201206-31.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:220
http://www.openwall.com/lists/oss-security/2010/09/24/2
http://www.redhat.com/support/errata/RHSA-2010-0819.html
http://www.redhat.com/support/errata/RHSA-2010-0891.html
http://www.securityfocus.com/archive/1/516909/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0004.html
http://www.vupen.com/english/advisories/2011/0606
https://bugzilla.redhat.com/show_bug.cgi?id=641335

Copyright 2024, cxsecurity.com

 

Back to Top