Privilege Escalation Vulnerability in Linux-PAM by Linux
CVE-2010-3431

Currently unrated

Key Information:

Vendor: Linux-pam
Status: Linux-pam
Vendor: CVE Published:; 24 January 2011

What is CVE-2010-3431?

The Linux-PAM modules pam_env and pam_mail have a vulnerability due to the privilege-dropping functionality that fails to verify the return value of the setfsuid system call. This oversight could allow local users to exploit their privileges through crafted symlink attacks on the .pam_environment file in their home directories, leading to the potential exposure of sensitive user-related data. This issue has arisen from an incomplete resolution of a previous vulnerability affecting PAM.

References

http://openwall.com/lists/oss-security/2010/09/27/5

mailing-listx_refsource_MLIST

http://openwall.com/lists/oss-security/2010/09/21/3

mailing-listx_refsource_MLIST

http://security.gentoo.org/glsa/glsa-201206-31.xml

vendor-advisoryx_refsource_GENTOO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 24, 2011
Vulnerability Reserved
Sep 17, 2010

Linux-pam

What is CVE-2010-3431?

References

Timeline