Vulnerability Description
The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux-Pam | Linux-Pam | <= 1.1.1 |
References
- http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f300
- http://lists.vmware.com/pipermail/security-announce/2011/000126.html
- http://openwall.com/lists/oss-security/2010/09/21/3Patch
- http://openwall.com/lists/oss-security/2010/09/27/10
- http://openwall.com/lists/oss-security/2010/09/27/4Patch
- http://openwall.com/lists/oss-security/2010/09/27/5Patch
- http://openwall.com/lists/oss-security/2010/09/27/7Patch
- http://openwall.com/lists/oss-security/2010/09/27/8
- http://openwall.com/lists/oss-security/2010/10/25/2Patch
- http://secunia.com/advisories/49711
- http://security.gentoo.org/glsa/glsa-201206-31.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:220
- http://www.openwall.com/lists/oss-security/2010/09/24/2
- http://www.redhat.com/support/errata/RHSA-2010-0819.html
- http://www.redhat.com/support/errata/RHSA-2010-0891.html
FAQ
What is CVE-2010-3435?
CVE-2010-3435 is a vulnerability with a CVSS score of 4.7 (MEDIUM). The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow l...
How severe is CVE-2010-3435?
CVE-2010-3435 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-3435?
Check the references section above for vendor advisories and patch information. Affected products include: Linux-Pam Linux-Pam.