Linux-PAM "pam_env" Module Two Vulnerabilities

Дата публикации:	25.10.2011
Всего просмотров:	1290
Опасность:	Низкая
Наличие исправления:	Инстуркции по устранению
Количество уязвимостей:	2
CVSSv2 рейтинг:	7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:W/RC:C) 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:W/RC:C)
CVE ID:	CVE-2011-3148 CVE-2011-3149
Вектор эксплуатации:	Локальная
Воздействие:	Отказ в обслуживании Повышение привилегий
CWE ID:	Нет данных
Наличие эксплоита:	Нет данных
Уязвимые продукты:	Linux-PAM 1.x
Описание:	> Two vulnerabilities have been reported in Linux-PAM, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. 1) A boundary error within the "_assemble_line()" function (modules/pam_env/pam_env.c) of the "pam_env" module can be exploited to cause a stack-based buffer overflow via e.g. a specially crafted "~/.pam_environment" file. 2) The "_expand_arg()" function (modules/pam_env/pam_env.c) of the "pam_env" module does not properly abort when encountering certain conditions during the expansion of environment variables, which can be exploited to e.g. cause a high CPU consumption via specially crafted environment variables. The vulnerabilities are reported in version 1.1.4. Other versions may also be affected.
Ссылки:	http://git.fedorahosted.org/git/ http://git.fedorahosted.org/git/ https://bugs.launchpad.net/ubuntu/ https://bugs.launchpad.net/ubuntu/

Linux-PAM "pam_env" Module Two Vulnerabilities

Подпишитесь на email рассылку