Published: 24/01/2011 Updated: 07/11/2023

CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4

VMScore: 169

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the setfsuid system call, which might allow local users to obtain sensitive information by leveraging an unintended uid, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-3435.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux-pam linux-pam 1.1.2

The USN-1140-1 PAM update caused cron to stop working ...

An attacker could cause PAM to read or delete arbitrary files or cause it to crash ...

Debian Bug report logs - #599832 CVE-2010-3316 CVE-2010-3430 CVE-2010-3431 CVE-2010-3435 Package: pam; Maintainer for pam is Steve Langasek <vorlon@debianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 11 Oct 2010 17:54:05 UTC Severity: important Tags: security Fixed in version pam/113-1 Done: ...

Debian Bug report logs - #608273 CVE-2010-3853: pam_namespace executes namespaceinit with service's environment Package: pam; Maintainer for pam is Steve Langasek <vorlon@debianorg>; Reported by: Giuseppe Iuculano <iuculano@debianorg> Date: Wed, 29 Dec 2010 15:18:02 UTC Severity: serious Tags: patch, security Fix ...

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-3431

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect