CVE-2010-3435

Description

The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory.

References

https://bugzilla.redhat.com/show_bug.cgi?id=641335

http://www.vupen.com/english/advisories/2011/0606

http://www.vmware.com/security/advisories/VMSA-2011-0004.html

http://www.securityfocus.com/archive/1/516909/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2010-0891.html

http://www.redhat.com/support/errata/RHSA-2010-0819.html

http://www.openwall.com/lists/oss-security/2010/09/24/2

http://www.mandriva.com/security/advisories?name=MDVSA-2010:220

http://security.gentoo.org/glsa/glsa-201206-31.xml

http://secunia.com/advisories/49711

http://openwall.com/lists/oss-security/2010/10/25/2

http://openwall.com/lists/oss-security/2010/09/27/8

http://openwall.com/lists/oss-security/2010/09/27/7

http://openwall.com/lists/oss-security/2010/09/27/5

http://openwall.com/lists/oss-security/2010/09/27/4

http://openwall.com/lists/oss-security/2010/09/27/10

http://openwall.com/lists/oss-security/2010/09/21/3

http://lists.vmware.com/pipermail/security-announce/2011/000126.html

http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3