Vulnerability Name:

CVE-2001-1147 (CCN-7266)

Assigned:2001-10-08
Published:2001-10-08
Updated:2008-09-05
Summary:The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Privileges
References:Source: CCN
Type: BugTraq Mailing List, Mon Oct 08 2001 - 08:52:57 CDT
pam_limits.so Bug!!

Source: CCN
Type: BugTraq Mailing List, Tue Oct 09 2001 - 00:10:27 CDT
Re: pam_limits.so Bug!!

Source: MITRE
Type: CNA
CVE-2001-1147

Source: CCN
Type: RHSA-2001-132
New util-linux packages available to fix /bin/login pam problem

Source: CCN
Type: CIAC Information Bulletin M-009
Red Hat Linux PAM Vulnerability

Source: CIAC
Type: UNKNOWN
M-009

Source: XF
Type: Patch, Vendor Advisory
utillinux-pamlimits-gain-privileges(7266)

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2001:084

Source: SUSE
Type: UNKNOWN
SuSE-SA:2001:034

Source: CCN
Type: OSVDB ID: 1970
util-linux /bin/login PAM Privilege Elevation

Source: REDHAT
Type: UNKNOWN
RHSA-2001:132

Source: BUGTRAQ
Type: Vendor Advisory
20011008 pam_limits.so Bug!!

Source: BID
Type: Patch, Vendor Advisory
3415

Source: CCN
Type: BID-3415
Util-Linux Login Pam Privilege Elevation Vulnerability

Source: CCN
Type: SuSE Security Announcement SuSE-SA:2001:034
shadow/login

Source: CCN
Type: Trustix Secure Linux Security Advisory #2001-0025
Util-linux

Source: XF
Type: UNKNOWN
utillinux-pamlimits-gain-privileges(7266)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:andries_brouwer:util-linux:2.10s:*:*:*:*:*:*:*
  • OR cpe:/a:andries_brouwer:util-linux:2.11f:*:*:*:*:*:*:*
  • OR cpe:/a:andries_brouwer:util-linux:2.11h:*:*:*:*:*:*:*
  • OR cpe:/a:andries_brouwer:util-linux:2.11i:*:*:*:*:*:*:*
  • OR cpe:/a:andries_brouwer:util-linux:2.11k:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:redhat:linux:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:6.3:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:6.4:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    andries_brouwer util-linux 2.10s
    andries_brouwer util-linux 2.11f
    andries_brouwer util-linux 2.11h
    andries_brouwer util-linux 2.11i
    andries_brouwer util-linux 2.11k
    redhat linux 6.2
    suse suse linux 6.3
    suse suse linux 6.4
    redhat linux 7
    suse suse linux 7.0
    suse suse linux 7.1
    redhat linux 7.1
    mandrakesoft mandrake linux 8.0
    suse suse linux 7.2
    trustix secure linux 1.5
    mandrakesoft mandrake linux 8.1
    redhat linux 7.2
    suse suse linux 7.3
    redhat linux 7.3