Denial Of Service (DoS)

2020-04-1000:47:51

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.0004 Low

EPSS

Percentile

5.1%

JSON

Pluggable Authentication Modules (PAM) is vulnerable to Denial of Service (DoS). The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.

CPENameOperatorVersion
pameq0.99.6.2__3.14.el5
pameq0.99.6.2__3.27.el5
pameq0.99.6.2__3.22.el5
pameq0.99.6.2__4.el5
pameq0.99.6.2__3.26.el5
pameq0.99.6.2__3.14.el5
pameq0.99.6.2__3.27.el5
pameq0.99.6.2__3.22.el5
pameq0.99.6.2__4.el5
pameq0.99.6.2__3.26.el5

Name	Operator	Version
pam	eq	0.99.6.2__3.14.el5
pam	eq	0.99.6.2__3.27.el5
pam	eq	0.99.6.2__3.22.el5
pam	eq	0.99.6.2__4.el5
pam	eq	0.99.6.2__3.26.el5
pam	eq	0.99.6.2__3.14.el5
pam	eq	0.99.6.2__3.27.el5
pam	eq	0.99.6.2__3.22.el5
pam	eq	0.99.6.2__4.el5
pam	eq	0.99.6.2__3.26.el5