CVE-2010-4707 — MEDIUM (4.9)

Q: How severe is CVE-2010-4707?

CVE-2010-4707 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2010-4707?

Check the references section above for vendor advisories and patch information. Affected products include: Linux-Pam Linux-Pam.

Vulnerability Description

The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.

CVSS Score

4.9

MEDIUM

AV:L/AC:L/Au:N/C:C/I:N/A:N

Confidentiality

COMPLETE

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Linux-Pam	Linux-Pam	<= 1.1.2

Related Weaknesses (CWE)

CWE-399

References

FAQ

What is CVE-2010-4707?

CVE-2010-4707 is a vulnerability with a CVSS score of 4.9 (MEDIUM). The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to cause...

How severe is CVE-2010-4707?

CVE-2010-4707 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-4707?

Check the references section above for vendor advisories and patch information. Affected products include: Linux-Pam Linux-Pam.