Linux-PAM "pam_env" Module Two Vulnerabilities

Дата публикации:
25.10.2011
Всего просмотров:
964
Опасность:
Низкая
Наличие исправления:
Инстуркции по устранению
Количество уязвимостей:
2
CVSSv2 рейтинг:
(AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:W/RC:C) = Base:7.2/Temporal:5.8
(AV:L/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:W/RC:C) = Base:4.9/Temporal:4
CVE ID:
CVE-2011-3148
CVE-2011-3149
Вектор эксплуатации:
Локальная
Воздействие:
Отказ в обслуживании
Повышение привилегий
CWE ID:
Нет данных
Наличие эксплоита:
Нет данных
Уязвимые продукты:
Linux-PAM 1.x
Описание: >

Two vulnerabilities have been reported in Linux-PAM, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

1) A boundary error within the "_assemble_line()" function (modules/pam_env/pam_env.c) of the "pam_env" module can be exploited to cause a stack-based buffer overflow via e.g. a specially crafted "~/.pam_environment" file.

2) The "_expand_arg()" function (modules/pam_env/pam_env.c) of the "pam_env" module does not properly abort when encountering certain conditions during the expansion of environment variables, which can be exploited to e.g. cause a high CPU consumption via specially crafted environment variables.

The vulnerabilities are reported in version 1.1.4. Other versions may also be affected.




Ссылки: http://git.fedorahosted.org/git/
http://git.fedorahosted.org/git/
https://bugs.launchpad.net/ubuntu/
https://bugs.launchpad.net/ubuntu/
или введите имя

CAPTCHA