CVE-2010-3435

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.redhat.com/support/errata/RHSA-2010-0891.html", "name": "RHSA-2010:0891", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.redhat.com/support/errata/RHSA-2010-0819.html", "name": "RHSA-2010:0819", "tags": [], "refsource": "REDHAT"}, {"url": "http://openwall.com/lists/oss-security/2010/09/21/3", "name": "[oss-security] 20100921 Re: Minor security flaw with pam_xauth", "tags": ["Patch"], "refsource": "MLIST"}, {"url": "http://openwall.com/lists/oss-security/2010/09/27/7", "name": "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", "tags": ["Patch"], "refsource": "MLIST"}, {"url": "http://openwall.com/lists/oss-security/2010/10/25/2", "name": "[oss-security] 20101025 Re: Minor security flaw with pam_xauth", "tags": ["Patch"], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2010/09/24/2", "name": "[oss-security] 20100924 Re: Minor security flaw with pam_xauth", "tags": [], "refsource": "MLIST"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=641335", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=641335", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://openwall.com/lists/oss-security/2010/09/27/8", "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", "tags": [], "refsource": "MLIST"}, {"url": "http://openwall.com/lists/oss-security/2010/09/27/10", "name": "[oss-security] 20100928 Re: Minor security flaw with pam_xauth", "tags": [], "refsource": "MLIST"}, {"url": "http://openwall.com/lists/oss-security/2010/09/27/5", "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", "tags": ["Patch"], "refsource": "MLIST"}, {"url": "http://openwall.com/lists/oss-security/2010/09/27/4", "name": "[oss-security] 20100927 Re: Minor security flaw with pam_xauth", "tags": ["Patch"], "refsource": "MLIST"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:220", "name": "MDVSA-2010:220", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://lists.vmware.com/pipermail/security-announce/2011/000126.html", "name": "[security-announce] 20110307 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm", "tags": [], "refsource": "MLIST"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", "name": "http://www.vmware.com/security/advisories/VMSA-2011-0004.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.vupen.com/english/advisories/2011/0606", "name": "ADV-2011-0606", "tags": [], "refsource": "VUPEN"}, {"url": "http://security.gentoo.org/glsa/glsa-201206-31.xml", "name": "GLSA-201206-31", "tags": [], "refsource": "GENTOO"}, {"url": "http://secunia.com/advisories/49711", "name": "49711", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/archive/1/516909/100/0/threaded", "name": "20110308 VMSA-2011-0004 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6", "name": "http://git.altlinux.org/people/ldv/packages/?p=pam.git%3Ba=commit%3Bh=06f882f30092a39a1db867c9744b2ca8d60e4ad6", "tags": [], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a symlink attack on the .pam_environment file in a user's home directory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-3435", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.7, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "severity": "MEDIUM", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2011-01-24T18:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:0.99.10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:1.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:1.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:1.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.1.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-02-13T04:24Z"}