Описание
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.1.3-2ubuntu2.1 |
| hardy | released | 0.99.7.1-5ubuntu6.5 |
| lucid | released | 1.1.1-2ubuntu5.4 |
| maverick | released | 1.1.1-4ubuntu2.4 |
| natty | released | 1.1.2-2ubuntu8.4 |
| oneiric | released | 1.1.3-2ubuntu2.1 |
| upstream | needs-triage |
Показывать по
EPSS
4.6 Medium
CVSS2
Связанные уязвимости
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
Stack-based buffer overflow in the _assemble_line function in modules/ ...
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
ELSA-2013-0521: pam security, bug fix, and enhancement update (MODERATE)
EPSS
4.6 Medium
CVSS2