Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
linux-pam linux-pam 1.1.1 vulnerabilities and exploits
(subscribe to this query)
700
VMScore
CVE-2010-0832
pam_motd (aka the MOTD module) in libpam-modules prior to 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules prior to 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's hom...
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 9.10
2 EDB exploits
641
VMScore
CVE-2010-4708
The pam_env module in Linux-PAM (aka pam) 1.1.2 and previous versions reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env PAM check.
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.1.0
Linux-pam Linux-pam 0.99.2.0
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.1.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam 0.99.10.0
Linux-pam Linux-pam 1.1.1
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 0.99.7.0
1 Github repository
614
VMScore
CVE-2010-3853
pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) prior to 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on...
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 1.1.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 1.1.1
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.10.0
436
VMScore
CVE-2010-4706
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and previous versions does not properly handle a failure to determine a certain target uid, which might allow local users to delete unintended files by executing a program that r...
Linux-pam Linux-pam 0.99.1.0
Linux-pam Linux-pam 0.99.2.0
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.10.0
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.1.0
436
VMScore
CVE-2010-4707
The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and previous versions does not verify that a certain ACL file is a regular file, which might allow local users to cause a denial of service (resource consumption) via a special file.
Linux-pam Linux-pam 0.99.1.0
Linux-pam Linux-pam 0.99.2.0
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.10.0
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.1.0
409
VMScore
CVE-2011-3148
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) prior to 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.p...
Linux-pam Linux-pam 0.99.1.0
Linux-pam Linux-pam 0.99.2.0
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.10.0
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.1.0
187
VMScore
CVE-2011-3149
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) prior to 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
Linux-pam Linux-pam 0.99.1.0
Linux-pam Linux-pam 0.99.2.0
Linux-pam Linux-pam 0.99.2.1
Linux-pam Linux-pam 0.99.3.0
Linux-pam Linux-pam 0.99.4.0
Linux-pam Linux-pam 0.99.5.0
Linux-pam Linux-pam 0.99.6.0
Linux-pam Linux-pam 0.99.6.1
Linux-pam Linux-pam 0.99.6.2
Linux-pam Linux-pam 0.99.6.3
Linux-pam Linux-pam 0.99.7.0
Linux-pam Linux-pam 0.99.7.1
Linux-pam Linux-pam 0.99.8.0
Linux-pam Linux-pam 0.99.8.1
Linux-pam Linux-pam 0.99.9.0
Linux-pam Linux-pam 0.99.10.0
Linux-pam Linux-pam 1.0.0
Linux-pam Linux-pam 1.0.1
Linux-pam Linux-pam 1.0.2
Linux-pam Linux-pam 1.0.3
Linux-pam Linux-pam 1.0.4
Linux-pam Linux-pam 1.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started