ALT-PU-2016-1720-1
Closed vulnerabilities
Published: 2014-04-11
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-2583
Multiple directory traversal vulnerabilities in pam_timestamp.c in the pam_timestamp module for Linux-PAM (aka pam) 1.1.8 allow local users to create arbitrary files or possibly bypass authentication via a .. (dot dot) in the (1) PAM_RUSER value to the get_ruser function or (2) PAM_TTY value to the check_tty function, which is used by the format_timestamp_name function.
Severity: MEDIUM (5.8)
References:
- 57317
- 57317
- [oss-security] 20140324 pam_timestamp internals
- [oss-security] 20140324 pam_timestamp internals
- [oss-security] 20140326 Re: pam_timestamp internals
- [oss-security] 20140326 Re: pam_timestamp internals
- [oss-security] 20140331 Re: pam_timestamp internals
- [oss-security] 20140331 Re: pam_timestamp internals
- 66493
- 66493
- USN-2935-1
- USN-2935-1
- USN-2935-2
- USN-2935-2
- USN-2935-3
- USN-2935-3
- https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8
- https://git.fedorahosted.org/cgit/linux-pam.git/commit/?id=Linux-PAM-1_1_8-32-g9dcead8
- GLSA-201605-05
- GLSA-201605-05
Published: 2015-08-24
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-3238
The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
References:
- FEDORA-2015-10848
- FEDORA-2015-10848
- FEDORA-2015-10830
- FEDORA-2015-10830
- RHSA-2015:1640
- RHSA-2015:1640
- [oss-security] 20150625 Linux-PAM 1.2.1 released to address CVE-2015-3238
- [oss-security] 20150625 Linux-PAM 1.2.1 released to address CVE-2015-3238
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- 75428
- 75428
- USN-2935-1
- USN-2935-1
- USN-2935-2
- USN-2935-2
- USN-2935-3
- USN-2935-3
- https://bugzilla.redhat.com/show_bug.cgi?id=1228571
- https://bugzilla.redhat.com/show_bug.cgi?id=1228571
- GLSA-201605-05
- GLSA-201605-05
- https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551
- https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/