Описание
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.
Отчет
Red Hat does not consider this issue to be a security flaw. For additional details, refer to: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4706
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | pam | Affected | ||
| Red Hat Enterprise Linux 5 | pam | Not affected | ||
| Red Hat Enterprise Linux 6 | pam | Not affected |
Показывать по
Дополнительная информация
Статус:
1.9 Low
CVSS2
Связанные уязвимости
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.
The pam_sm_close_session function in pam_xauth.c in the pam_xauth modu ...
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that relies on the pam_xauth PAM check.
1.9 Low
CVSS2