CVE-2011-3148
EPSS 0.16%pam - several
發布日:2012/7/22修改日:2026/4/28
也稱為:DEBIAN-CVE-2011-3148
描述
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
受影響套件(2)
- Debian/pamfrom 0, < 1.1.3-5
- Debian/pamfrom 0, < 1.1.1-6.1+squeeze1