Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : pam vulnerabilities (USN-1140-1)

Ubuntu Security Notice (C) 2011-2016 Canonical, Inc. / NASL script (C) 2011-2016 Tenable Network Security, Inc.


Synopsis :

The remote Ubuntu host is missing a security-related patch.

Description :

Marcus Granado discovered that PAM incorrectly handled configuration
files with non-ASCII usernames. A remote attacker could use this flaw
to cause a denial of service, or possibly obtain login access with a
different users username. This issue only affected Ubuntu 8.04 LTS.
(CVE-2009-0887)

It was discovered that the PAM pam_xauth, pam_env and pam_mail modules
incorrectly handled dropping privileges when performing operations. A
local attacker could use this flaw to read certain arbitrary files,
and access other sensitive information. (CVE-2010-3316, CVE-2010-3430,
CVE-2010-3431, CVE-2010-3435)

It was discovered that the PAM pam_namespace module incorrectly
cleaned the environment during execution of the namespace.init script.
A local attacker could use this flaw to possibly gain privileges.
(CVE-2010-3853)

It was discovered that the PAM pam_xauth module incorrectly handled
certain failures. A local attacker could use this flaw to delete
certain unintended files. (CVE-2010-4706)

It was discovered that the PAM pam_xauth module incorrectly verified
certain file properties. A local attacker could use this flaw to cause
a denial of service. (CVE-2010-4707).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

Solution :

Update the affected libpam-modules package.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.0
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Ubuntu Local Security Checks

Nessus Plugin ID: 55102 ()

Bugtraq ID: 34010
42472
43487
44590
46045

CVE ID: CVE-2009-0887
CVE-2010-3316
CVE-2010-3430
CVE-2010-3431
CVE-2010-3435
CVE-2010-3853
CVE-2010-4706
CVE-2010-4707

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial