Lucene search
UbuntuUSN-1395-1HistoryMar 08, 2012 - 12:00 a.m.
PyPAM vulnerability
2012-03-0800:00:00
ubuntu.com
37
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
Low
EPSS
0.502
Percentile
97.5%
Releases
- Ubuntu 11.10
- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04
Packages
- python-pam - A Python interface to the PAM library
Details
Markus Vervier discovered that PyPAM incorrectly handled passwords
containing NULL bytes. An attacker could exploit this to cause applications
using PyPAM to crash, or possibly execute arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 11.10 | noarch | python-pam | < 0.4.2-12.2ubuntu2.11.10.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | python-pam-dbg | < 0.4.2-12.2ubuntu2.11.10.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | python-pam | < 0.4.2-12.2ubuntu2.11.04.1 | UNKNOWN |
| Ubuntu | 11.04 | noarch | python-pam-dbg | < 0.4.2-12.2ubuntu2.11.04.1 | UNKNOWN |
| Ubuntu | 10.10 | noarch | python-pam | < 0.4.2-12.1ubuntu1.10.10.1 | UNKNOWN |
| Ubuntu | 10.10 | noarch | python-pam-dbg | < 0.4.2-12.1ubuntu1.10.10.1 | UNKNOWN |
| Ubuntu | 10.04 | noarch | python-pam | < 0.4.2-12.1ubuntu1.10.04.1 | UNKNOWN |
| Ubuntu | 10.04 | noarch | python-pam-dbg | < 0.4.2-12.1ubuntu1.10.04.1 | UNKNOWN |
References
Related
packetstorm
packetstorm
PyPAM 0.4.2 Double-Free Corruption
2012-03-09 00:00:00
prion
prion
Double free
2012-06-16 00:55:00
debian
debian
[SECURITY] [DSA 2430-1] python-pam security update
2012-03-10 15:51:34
gentoo
gentoo
PyPAM: Arbitrary code execution
2015-07-09 00:00:00
openvas
openvas
Debian Security Advisory DSA 2430-1 (python-pam)
2012-04-30 00:00:00
Gentoo Security Advisory GLSA 201507-09
2015-09-29 00:00:00
Ubuntu Update for python-pam USN-1395-1
2012-03-09 00:00:00
securityvulns
securityvulns
[USN-1395-1] PyPAM vulnerability
2012-03-10 00:00:00
LSE-2012-03-01: PyPAM -- Python bindings for PAM - Double Free Corruption
2012-03-10 00:00:00
python-pam memory corruption
2012-03-10 00:00:00
nessus
nessus
SuSE 11.1 Security Update : python-pam (SAT Patch Number 6025)
2013-01-25 00:00:00
SuSE 10 Security Update : python-pam (ZYPP Patch Number 8031)
2012-05-30 00:00:00
RHEL 6 : pypam (Unpatched Vulnerability)
2024-06-03 00:00:00
cve
cve
CVE-2012-1502
2012-06-16 00:55:06
zdt
zdt
PyPAM Python bindings for PAM Double Free Corruption
2012-03-10 00:00:00
debiancve
debiancve
CVE-2012-1502
2012-06-16 00:55:06
cvelist
cvelist
CVE-2012-1502
2012-06-16 00:00:00
exploitpack
exploitpack
PyPAM Python bindings for PAM - Double-Free Corruption
2012-03-10 00:00:00
seebug
seebug
PyPAM - Python bindings for PAM - Double Free Corruption
2014-07-01 00:00:00
nvd
nvd
CVE-2012-1502
2012-06-16 00:55:06
ubuntucve
ubuntucve
CVE-2012-1502
2012-03-08 00:00:00
exploitdb
exploitdb
PyPAM Python bindings for PAM - Double-Free Corruption
2012-03-10 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
Low
EPSS
0.502
Percentile
97.5%
Related for USN-1395-1