Описание
pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.
pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-1716
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=230823
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11483
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html
- http://osvdb.org/37271
- http://secunia.com/advisories/25631
- http://secunia.com/advisories/25894
- http://secunia.com/advisories/26909
- http://secunia.com/advisories/27590
- http://secunia.com/advisories/27706
- http://secunia.com/advisories/28319
- http://security.gentoo.org/glsa/glsa-200711-23.xml
- http://support.avaya.com/elmodocs2/security/ASA-2007-526.htm
- http://www.redhat.com/support/errata/RHSA-2007-0465.html
- http://www.redhat.com/support/errata/RHSA-2007-0555.html
- http://www.redhat.com/support/errata/RHSA-2007-0737.html
- http://www.vupen.com/english/advisories/2007/3229
EPSS
CVE ID
Связанные уязвимости
pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.
pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privileges.
ELSA-2007-0555: pam security, bug fix, and enhancement update (MODERATE)
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
Уязвимости операционной системы Red Hat Enterprise Linux, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS