MDVSA-2010:220
- Package name: pam
- Date: 2010-11-04
- Advisory ID: MDVSA-2010:220
- Affected versions: 2009.0 x86_64, MES5 i586, 2010.1 i586, 2010.0 x86_64, 2010.0 i586, 2009.1 i586, 2009.0 i586, 2009.1 x86_64, MES5 x86_64, 2010.1 x86_64

Problem description

Multiple vulnerabilities were discovered and corrected in pam:

The pam_xauth module did not verify the return values of the setuid()
and setgid() system calls. A local, unprivileged user could use this
flaw to execute the xauth command with root privileges and make it
read an arbitrary input file (CVE-2010-3316).

The pam_mail module used root privileges while accessing users'
files. In certain configurations, a local, unprivileged user could
use this flaw to obtain limited information about files or directories
that they do not have access to (CVE-2010-3435).

The pam_namespace module executed the external script namespace.init
with an unchanged environment inherited from an application calling
PAM. In cases where such an environment was untrusted (for example,
when pam_namespace was configured for setuid applications such as su
or sudo), a local, unprivileged user could possibly use this flaw to
escalate their privileges (CVE-2010-3853).
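
Added example (not part of the advisory and not the pam patches): a privileged process that launches a helper must treat a failed setgid()/setuid() as fatal (the CVE-2010-3316 flaw) and must hand the helper a fixed environment instead of the caller's (the CVE-2010-3853 flaw). struct id_ops, the OPS_* tables, run_helper() and the UNTRUSTED variable are hypothetical names introduced here; the stubs are constructed so the failure path runs without root.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical indirection over setgid()/setuid() so the failure path can
 * be exercised without root; OPS_REAL is what a real module would use. */
struct id_ops { int (*set_gid)(gid_t); int (*set_uid)(uid_t); };

/* Constructed stubs for the demonstration. */
static int ok_gid(gid_t g) { (void)g; return 0; }
static int ok_uid(uid_t u) { (void)u; return 0; }
static int fail_uid(uid_t u) { (void)u; errno = EAGAIN; return -1; }

const struct id_ops OPS_REAL = { setgid, setuid };
const struct id_ops OPS_OK = { ok_gid, ok_uid };
const struct id_ops OPS_SETUID_FAILS = { ok_gid, fail_uid };

/* Fixed, minimal environment: nothing from the caller reaches the helper. */
static char *const CLEAN_ENV[] = { "PATH=/usr/bin:/bin", NULL };

/* Runs `sh -c script` as (uid, gid). Returns the helper's exit status,
 * 126 if privileges could not be dropped, or -1 on fork/wait failure. */
int run_helper(const struct id_ops *ops, uid_t uid, gid_t gid,
               const char *script)
{
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        /* Group first: once the UID is dropped, setgid() may be refused. */
        if (ops->set_gid(gid) != 0 || ops->set_uid(uid) != 0)
            _exit(126);                 /* never exec with the old IDs */
        char *const argv[] = { "sh", "-c", (char *)script, NULL };
        execve("/bin/sh", argv, CLEAN_ENV);
        _exit(127);                     /* exec itself failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    setenv("UNTRUSTED", "1", 1);  /* constructed caller-controlled variable */
    return (run_helper(&OPS_OK, getuid(), getgid(), "[ -z \"$UNTRUSTED\" ]") == 0
        && run_helper(&OPS_SETUID_FAILS, getuid(), getgid(), "exit 0") == 126) ? 0 : 1;
}
```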

Packages for 2009.0 are provided as part of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.
