Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.04 LTS, when using certain configurations such as "session optional pam_motd.so", allows local users to gain privileges by modifying the PATH environment variable to reference a malicious command, as demonstrated via uname.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libpam-modules pam_motd模块不可信搜索路径漏洞
Vulnerability Description
libpam-modules是一个基于Ubuntu系统且用于PAM的插入式验证模块。 libpam-modules的pam_motd(又名MOTD)模块中存在不可信搜索路径漏洞,该漏洞源于模块没有正确处理环境变量。本地攻击者可通过修改PATH环境变量利用该漏洞获取特权,执行任意代码。以下版本受到影响:基于Ubuntu 11.10,11.04,10.10,10.04 LTS,8.04 LTS平台上的libpam-modules 0.9.7,1.1.1至1.1.3版本。
CVSS Information
N/A
Vulnerability Type
N/A