Computer Security
[EN] securityvulns.ru no-pyccku


FreeBSD multiple security vulnerabilities
Published:02.01.2012
Source:
SecurityVulns ID:12125
Type:remote
Threat Level:
7/10
Description:Invalid nsdispatch() implementation for chroot'ed environment, multiple PAM vulnerabilities.
Affected:FREEBSD : FreeBSD 7.3
 FREEBSD : FreeBSD 8.1
 FREEBSD : FreeBSD 7.4
 FREEBSD : FreeBSD 8.2
 FREEBSD : FreeBSD 9.0
CVE:CVE-2011-4122 (Directory traversal vulnerability in openpam_configure.c in OpenPAM before r478 on FreeBSD 8.1 allows local users to load arbitrary DSOs and gain privileges via a .. (dot dot) in the service_name argument to the pam_start function, as demonstrated by a .. in the -c option to kcheckpass.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-11:09.pam_ssh (02.01.2012)
 documentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-11:10.pam (02.01.2012)
 documentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-11:07.chroot (02.01.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod