The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
References
Configurations
History
No history.
Information
Published : 2015-08-24 14:59
Updated : 2024-02-04 18:53
NVD link : CVE-2015-3238
Mitre link : CVE-2015-3238
CVE.ORG link : CVE-2015-3238
JSON object : View
Products Affected
oracle
- sparc-opl_service_processor
linux-pam
- linux-pam
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor