CVE-2010-3435

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.

References

http://git.altlinux.org/people/ldv/packages/?p=pam.git;a=commit;h=06f882f30092a39a1db867c9744b2ca8d60e4ad6

http://lists.vmware.com/pipermail/security-announce/2011/000126.html

http://openwall.com/lists/oss-security/2010/09/21/3

http://openwall.com/lists/oss-security/2010/09/27/10

http://openwall.com/lists/oss-security/2010/09/27/4

http://openwall.com/lists/oss-security/2010/09/27/5

http://openwall.com/lists/oss-security/2010/09/27/7

http://openwall.com/lists/oss-security/2010/09/27/8

http://openwall.com/lists/oss-security/2010/10/25/2

http://secunia.com/advisories/49711

http://security.gentoo.org/glsa/glsa-201206-31.xml

http://www.mandriva.com/security/advisories?name=MDVSA-2010:220

http://www.openwall.com/lists/oss-security/2010/09/24/2

http://www.redhat.com/support/errata/RHSA-2010-0819.html

http://www.redhat.com/support/errata/RHSA-2010-0891.html

http://www.securityfocus.com/archive/1/516909/100/0/threaded

http://www.vmware.com/security/advisories/VMSA-2011-0004.html

http://www.vupen.com/english/advisories/2011/0606

https://bugzilla.redhat.com/show_bug.cgi?id=641335

Details

Source: MITRE

Published: 2011-01-24

Updated: 2019-01-03

Risk Information

CVSS v2

Base Score: 4.7

Vector: AV:L/AC:M/Au:N/C:C/I:N/A:N

Impact Score: 6.9

Exploitability Score: 3.4

Severity: MEDIUM

Tenable Plugins

View all (17 total)

IDNameProductFamilySeverity
129937NewStart CGSL CORE 5.04 / MAIN 5.04 : pam Multiple Vulnerabilities (NS-SA-2019-0198)NessusNewStart CGSL Local Security Checks
high
89675VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2011-0004) (remote check)NessusMisc.
high
68144Oracle Linux 6 : pam (ELSA-2010-0891)NessusOracle Linux Local Security Checks
high
68132Oracle Linux 5 : pam (ELSA-2010-0819)NessusOracle Linux Local Security Checks
medium
60901Scientific Linux Security Update : pam on SL6.x i386/x86_64NessusScientific Linux Local Security Checks
medium
60882Scientific Linux Security Update : pam on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
medium
59704GLSA-201206-31 : Linux-PAM: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
55103Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : pam regression (USN-1140-2)NessusUbuntu Local Security Checks
medium
55102Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : pam vulnerabilities (USN-1140-1)NessusUbuntu Local Security Checks
medium
52582VMSA-2011-0004 : VMware ESX/ESXi SLPD denial of service vulnerability and ESX third-party updates for Service Console packages bind, pam, and rpm.NessusVMware ESX Local Security Checks
high
50804CentOS 5 : pam (CESA-2010:0819)NessusCentOS Local Security Checks
medium
50644RHEL 6 : pam (RHSA-2010:0891)NessusRed Hat Local Security Checks
high
50626Fedora 12 : pam-1.1.1-6.fc12 (2010-17133)NessusFedora Local Security Checks
medium
50508Fedora 14 : pam-1.1.1-6.fc14 (2010-17155)NessusFedora Local Security Checks
medium
50486Fedora 13 : pam-1.1.1-6.fc13 (2010-17112)NessusFedora Local Security Checks
medium
50472Mandriva Linux Security Advisory : pam (MDVSA-2010:220)NessusMandriva Local Security Checks
medium
50447RHEL 5 : pam (RHSA-2010:0819)NessusRed Hat Local Security Checks
medium