CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Linux-Pam: >> Linux-Pam >> 1.1.0 Security Vulnerabilities

CVE-2010-3316

The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check.

CVSS Score

3.3

EPSS Score

0.001

Published

2011-01-24

Page 2

Vulnerabilities

Vulnerable Software

Linux-Pam: >> Linux-Pam >> 1.1.0 Security Vulnerabilities

Products

Pricing

Contact Us