SecurityTracker.com
Category:   Application (Security)  >   Pam (Pluggable Authentication Modules)
Vendors:   Linux-PAM Project
PAM Lets Local Users Gain Elevated Privileges
SecurityTracker Alert ID:  1024668
SecurityTracker URL:  http://securitytracker.com/id/1024668
CVE Reference:   CVE-2010-3316, CVE-2010-3435, CVE-2010-3853
Date:  Nov 1 2010
Impact:   Disclosure of system information, Disclosure of user information, Root access via local system, User access via local system
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 1.1.3
Description:   Several vulnerabilities were reported in PAM. A local user can obtain elevated privileges on the target system. A local user can obtain limited information about files on the target system.

The pam_xauth module does not verify the return values of the setuid() and setgid() system calls [CVE-2010-3316]. A local user can exploit this to execute the xauth command with root privileges and read an arbitrary input file.

Tim Brown reported this vulnerability.

The pam_mail module uses root privileges when accessing user files [CVE-2010-3435]. A local user can exploit this flaw to obtain limited information about files or directories that they do not have access to.

Sebastian Krahmer of the SuSE Security Team reported this vulnerability.

The pam_namespace module executes the external script 'namespace.init' with an environment inherited from an application calling PAM [CVE-2010-3853]. A local user may be able to exploit this flaw to gain elevated privileges.

Tomas Marz reported this vulnerability.
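
The pam_xauth and pam_namespace flaws above both concern how a privileged module starts a helper program. The following is an added example, not code from Linux-PAM or from this advisory: it checks the setgid()/setuid() return values before exec and gives the helper a fixed environment. The names run_helper, clean_env and DEMO_INHERITED are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* Fixed environment for the helper: nothing from the caller is passed on. */
static char *const clean_env[] = { "PATH=/usr/sbin:/usr/bin:/sbin:/bin", NULL };

/* Run `path` as uid/gid; return its exit status, or -1 on failure.
 * inherit_env = 1 shows the weak form (caller's environment passed through),
 * inherit_env = 0 the hardened form. */
int run_helper(uid_t uid, gid_t gid, const char *path,
               char *const argv[], int inherit_env)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Group first, then user: after the uid is dropped setgid() fails.
         * A root caller should also reset supplementary groups here with a
         * checked setgroups() call. */
        if (setgid(gid) != 0 || setuid(uid) != 0)
            _exit(126);          /* never exec with unexpected privileges */
        /* Confirm the drop took effect before running anything. */
        if (getuid() != uid || geteuid() != uid ||
            getgid() != gid || getegid() != gid)
            _exit(126);
        execve(path, argv, inherit_env ? environ : clean_env);
        _exit(127);              /* exec failed */
    }
    int status;
    if (waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    /* Constructed check: the helper exits 0 only if the variable is absent. */
    char *argv[] = { "sh", "-c", "[ -z \"$DEMO_INHERITED\" ]", NULL };
    setenv("DEMO_INHERITED", "1", 1);
    printf("clean env: %d\n", run_helper(getuid(), getgid(), "/bin/sh", argv, 0));
    printf("inherited: %d\n", run_helper(getuid(), getgid(), "/bin/sh", argv, 1));
    return 0;
}
```

An exit status of 126 means the privilege change failed and the helper was never started.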

Impact:   A local user can obtain limited information about files and directories on the target system.

A local user can obtain elevated privileges on the target system.

Solution:   The vendor has issued a fix (1.1.3).
Vendor URL:  www.kernel.org/pub/linux/libs/pam/
Cause:   Access control error
Underlying OS:  Linux (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Nov 1 2010 (Red Hat Issues Fix) PAM Lets Local Users Gain Elevated Privileges
Red Hat has issued a fix for Red Hat Enterprise Linux 5.
Nov 16 2010 (Red Hat Issues Fix) PAM Lets Local Users Gain Elevated Privileges
Red Hat has issued a fix for Red Hat Enterprise Linux 6.


