
CVE ID: CVE-2010-3435
Description: The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.
Test IDs: 1.3.6.1.4.1.25623.1.0.68290   1.3.6.1.4.1.25623.1.0.68604   1.3.6.1.4.1.25623.1.0.68398   1.3.6.1.4.1.25623.1.0.68384   1.3.6.1.4.1.25623.1.0.69190   1.3.6.1.4.1.25623.1.0.122300   1.3.6.1.4.1.25623.1.0.122256  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2010-3435
Bugtraq: 20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.
http://www.securityfocus.com/archive/1/516909/100/0/threaded
http://security.gentoo.org/glsa/glsa-201206-31.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2010:220
http://openwall.com/lists/oss-security/2010/09/21/3
http://www.openwall.com/lists/oss-security/2010/09/24/2
http://openwall.com/lists/oss-security/2010/09/27/4
http://openwall.com/lists/oss-security/2010/09/27/5
http://openwall.com/lists/oss-security/2010/09/27/8
http://openwall.com/lists/oss-security/2010/09/27/10
http://openwall.com/lists/oss-security/2010/09/27/7
http://openwall.com/lists/oss-security/2010/10/25/2
http://lists.vmware.com/pipermail/security-announce/2011/000126.html
RedHat Security Advisories: RHSA-2010:0819
http://www.redhat.com/support/errata/RHSA-2010-0819.html
RedHat Security Advisories: RHSA-2010:0891
http://www.redhat.com/support/errata/RHSA-2010-0891.html
http://secunia.com/advisories/49711
http://www.vupen.com/english/advisories/2011/0606




© 1998-2024 E-Soft Inc. All rights reserved.