Описание
pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.77 (включая)
cpe:2.3:o:andrew_morgan:linux_pam:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00154
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
около 22 лет назад
pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name.
debian
около 22 лет назад
pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use ...
github
больше 3 лет назад
pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name.
EPSS
Процентиль: 37%
0.00154
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other