Oval Definition:	oval:org.mitre.oval:def:24020
Revision Date: 2014-05-26 Version: 20 Title: ELSA-2013:0521: pam security, bug fix, and enhancement update (Moderate) Description: The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption). Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2011-3148 CVE-2011-3149 ELSA-2013:0521-02 Platform(s): Oracle Linux 6 Product(s): pam Definition Synopsis Oracle Linux 6.x AND rpm test pam-devel is earlier than 0:1.1.1-13.el6 OR pam is earlier than 0:1.1.1-13.el6
BACK