Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-3148HistoryJul 22, 2012 - 5:55 p.m.
CVE-2011-3148
2012-07-2217:55:01
Debian Security Bug Tracker
security-tracker.debian.org
14
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
5.1%
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | pam | < 1.1.3-5 | pam_1.1.3-5_all.deb |
| Debian | 11 | all | pam | < 1.1.3-5 | pam_1.1.3-5_all.deb |
| Debian | 999 | all | pam | < 1.1.3-5 | pam_1.1.3-5_all.deb |
| Debian | 13 | all | pam | < 1.1.3-5 | pam_1.1.3-5_all.deb |
Related
ubuntucve
ubuntucve
CVE-2011-3148
2011-10-24 00:00:00
cve
cve
CVE-2011-3148
2012-07-22 17:55:01
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:57:42
cvelist
cvelist
CVE-2011-3148
2012-07-22 17:00:00
prion
prion
Stack overflow
2012-07-22 17:55:00
nvd
nvd
CVE-2011-3148
2012-07-22 17:55:01
suse
suse
Security update for pam (important)
2011-11-02 23:08:31
Security update for pam (important)
2011-11-03 00:08:45
redhat
redhat
nessus
nessus
RHEL 6 : pam (RHSA-2013:0521)
2013-02-21 00:00:00
Scientific Linux Security Update : pam on SL6.x i386/x86_64 (20130221)
2013-03-01 00:00:00
CentOS 6 : pam (CESA-2013:0521)
2013-03-10 00:00:00
openvas
openvas
RedHat Update for pam RHSA-2013:0521-02
2013-02-22 00:00:00
CentOS Update for pam CESA-2013:0521 centos6
2013-03-12 00:00:00
Oracle: Security Advisory (ELSA-2013-0521)
2015-10-06 00:00:00
osv
osv
pam - several
2011-10-24 00:00:00
centos
centos
pam security update
2013-02-27 19:37:13
securityvulns
securityvulns
[SECURITY] [DSA 2326-1] pam security update
2011-10-26 00:00:00
pam buffer overflow
2011-10-26 00:00:00
oraclelinux
oraclelinux
pam security, bug fix, and enhancement update
2013-02-22 00:00:00
amazon
amazon
Medium: pam
2013-03-02 16:48:00
debian
debian
[SECURITY] [DSA 2326-1] pam security update
2011-10-24 16:50:48
f5
f5
K16878 : PAM vulnerabilities CVE-2011-3148 and CVE-2011-3149
2015-07-02 00:00:00
SOL16878 - PAM vulnerabilities CVE-2011-3148 and CVE-2011-3149
2015-07-02 00:00:00
ubuntu
ubuntu
PAM vulnerabilities
2011-10-24 00:00:00
gentoo
gentoo
Linux-PAM: Multiple vulnerabilities
2012-06-25 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
0
Percentile
5.1%
Related for DEBIANCVE:CVE-2011-3148