|
|
Subscribe / Log in / New account

pam: privilege escalation

Package(s):pam CVE #(s):CVE-2010-3316 CVE-2010-3435 CVE-2010-3853
Created:November 2, 2010 Updated:November 3, 2011
Description: From the Red Hat advisory:

It was discovered that the pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges. (CVE-2010-3853)

It was discovered that the pam_mail module used root privileges while accessing users' files. In certain configurations, a local, unprivileged user could use this flaw to obtain limited information about files or directories that they do not have access to. (CVE-2010-3435)

It was discovered that the pam_xauth module did not verify the return values of the setuid() and setgid() system calls. A local, unprivileged user could use this flaw to execute the xauth command with root privileges and make it read an arbitrary input file. (CVE-2010-3316)

Alerts:
Gentoo 201206-31 pam 2012-06-25
SUSE SUSE-SU-2011:1218-1 pam 2011-11-04
SUSE SUSE-SU-2011:1207-1 pam 2011-11-03
SUSE SUSE-SU-2011:1205-1 pam 2011-11-03
SUSE SUSE-SU-2011:1209-1 pam 2011-11-03
openSUSE openSUSE-SU-2011:1208-1 pam 2011-11-03
Ubuntu USN-1140-2 pam 2011-05-31
Ubuntu USN-1140-1 pam 2011-05-30
Pardus 2011-41 pam 2011-02-14
Fedora FEDORA-2010-17133 pam 2010-11-02
Red Hat RHSA-2010:0891-01 pam 2010-11-16
Fedora FEDORA-2010-17155 pam 2010-11-02
Fedora FEDORA-2010-17112 pam 2010-11-02
Mandriva MDVSA-2010:220 pam 2010-11-04
CentOS CESA-2010:0819 pam 2010-11-01
Red Hat RHSA-2010:0819-01 pam 2010-11-01
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds