NVD

Id
15946  
Name
CVE-2010-4708  
Description
The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user"s home directory, which might allow local users to run programs with an unintended environment by executing a program that relies on the pam_env PAM check.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2011-01-24  
Modified Date
2012-07-23  
Seq
2010-4708  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
90367 15946 CVE-2010-4708 [oss-security] 20100928 Re: Minor security flaw with pam_xauth  View
90368 15946 CVE-2010-4708 http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.8.xml?r1=1.7&r2=1.8  View
90369 15946 CVE-2010-4708 http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env/pam_env.c?r1=1.22&r2=1.23  View
90370 15946 CVE-2010-4708 GLSA-201206-31  View
90371 15946 CVE-2010-4708 46046  View
90372 15946 CVE-2010-4708 linuxpam-pamenv-priv-escalation(65037)  View
90373 15946 CVE-2010-4708 https://bugzilla.redhat.com/show_bug.cgi?id=641335  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33700 JVNDB-2011-003942 Linux-PAM の pam_env モジュールにおける意図しない環境でプログラムを実行される脆弱性 Linux-PAM (pam) のpam_env モジュールは、ユーザのホームディレクトリ内の .pam_environment ファイルを読むため、意図しない環境でプログラムを実行される脆弱性が存在します。 CVE-2010-4708 47288 CVE-2010-4708 15946 7.2 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003942.html 2011-01-24 2012-03-27 View