CVE-2011-4122

high

Description

Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. (dot dot) in the service_name argument to the pam_start function, as demonstrated by a .. in the -c option to kcheckpass.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/71205

http://trac.des.no/openpam/changeset/478/trunk/lib/openpam_configure.c

http://stealth.openwall.net/xSports/pamslam

http://secunia.com/advisories/46804

http://secunia.com/advisories/46756

http://osvdb.org/76945

http://openwall.com/lists/oss-security/2011/12/08/9

http://openwall.com/lists/oss-security/2011/12/07/3

Details

Source: Mitre, NVD

Published: 2011-11-17

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 6.9

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High