Lucene search

K

RedhatCVELIST:CVE-2011-4122

HistoryNov 17, 2011 - 7:00 p.m.

CVE-2011-4122

2011-11-1719:00:00

redhat

www.cve.org

2

6.2 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.8%

Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a … (dot dot) in the service_name argument to the pam_start function, as demonstrated by a … in the -c option to kcheckpass.

References

c-skills.blogspot.com/2011/11/openpam-trickery.html

openwall.com/lists/oss-security/2011/12/07/3

openwall.com/lists/oss-security/2011/12/08/9

osvdb.org/76945

secunia.com/advisories/46756

secunia.com/advisories/46804

stealth.openwall.net/xSports/pamslam

trac.des.no/openpam/changeset/478/trunk/lib/openpam_configure.c

exchange.xforce.ibmcloud.com/vulnerabilities/71205

6.2 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.8%

Related for CVELIST:CVE-2011-4122

freebsd1 openvas2 freebsd_advisory1 nvd2 securityvulns2 cve2 prion2 nessus1 cvelist1