CVE-2010-3316 — Linux-pam vulnerability

11 documents9 sources

Severity

3.3LOWNVD

EPSS

0.1%

top 78.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

PAM Debian PAM Linux-pam +4 more

Timeline

PublishedJan 24

Latest updateMay 14

Description

The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.

CVSS vector

AV:L/AC:M/C:P/I:P/A:NExploitability: 3.4 | Impact: 4.9

Affected Packages7 packages

▶NVDlinux-pam/linux-pam1.1.1+22

▶debiandebian/pam< pam 1.1.2-1 (bookworm)

▶Debianpam/pam< 1.1.2-1+3

▶vmwarevmware/vmware_esxi

▶vmwarevmware/vmware_tools

Patches

Patch: openwall.com ↗Patch: openwall.com ↗Patch: openwall.com ↗

🔴Vulnerability Details

GHSA

GHSA-xj4j-67v3-3wr4: The run_coprocess function in pam_xauth↗2022-05-14

▶

OSV

CVE-2010-3316: The run_coprocess function in pam_xauth↗2011-01-24

▶

📋Vendor Advisories

Ubuntu

PAM regression↗2011-05-31

▶

Ubuntu

PAM vulnerabilities↗2011-05-30

▶

VMware

VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.↗2011-03-07

▶

Red Hat

pam: pam_xauth missing return value checks from setuid() and similar calls↗2010-07-20

▶

Debian

CVE-2010-3316: pam - The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (...↗2010

▶

💬Community

Bugzilla

CVE-2010-4706 pam: pam_xauth: Improper handling of failure to determine certain target uid↗2011-01-25

▶

Bugzilla

CVE-2010-3316 pam: pam_xauth missing return value checks from setuid() and similar calls↗2010-09-27

▶