| Revision Date: | 2014-02-17 | Version: | 38 |
| Title: | RHSA-2013:0521: pam security, bug fix, and enhancement update (Moderate) |
| Description: | The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption). |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CESA-2013:0521
CVE-2011-3148
CVE-2011-3149
RHSA-2013:0521-02
|
| Platform(s): | CentOS Linux 6
Red Hat Enterprise Linux 6
| Product(s): | pam
|
| Definition Synopsis |
| Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6
OR The operating system installed on the system is CentOS Linux 6.x
AND Packages section
pam-devel is earlier than 0:1.1.1-13.el6
OR pam is earlier than 0:1.1.1-13.el6
|