Veracode Vulnerability DatabaseVERACODE:24158Remote Code Execution (RCE)
0.0004 Low
EPSS
Percentile
10.3%
Pluggable Authentication Modules (PAM) is vulnerable to remote code execution (RCE). It was discovered that the pam_xauth module did not verify the return values of the setuid() and setgid() system calls. A local, unprivileged user could use this flaw to execute the xauth command with root privileges and make it read an arbitrary input file.
References
git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6
git.altlinux.org/people/ldv/packages/?p=pam.git;a=commit;h=06f882f30092a39a1db867c9744b2ca8d60e4ad6
lists.vmware.com/pipermail/security-announce/2011/000126.html
openwall.com/lists/oss-security/2010/08/16/2
openwall.com/lists/oss-security/2010/09/21/3
openwall.com/lists/oss-security/2010/09/21/8
openwall.com/lists/oss-security/2010/09/27/10
openwall.com/lists/oss-security/2010/09/27/4
openwall.com/lists/oss-security/2010/09/27/5
openwall.com/lists/oss-security/2010/09/27/7
openwall.com/lists/oss-security/2010/10/25/2
secunia.com/advisories/49711
security.gentoo.org/glsa/glsa-201206-31.xml
www.mandriva.com/security/advisories?name=MDVSA-2010:220
www.openwall.com/lists/oss-security/2010/09/24/2
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2010-0819.html
www.redhat.com/support/errata/RHSA-2010-0891.html
www.securityfocus.com/archive/1/516909/100/0/threaded
www.vmware.com/security/advisories/VMSA-2011-0004.html
www.vupen.com/english/advisories/2011/0606
access.redhat.com/errata/RHSA-2010:0819
bugzilla.redhat.com/show_bug.cgi?id=637898
sourceforge.net/tracker/?func=detail&aid=3028213&group_id=6663&atid=106663
Related
