CVE-2015-3238

The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.
Configurations

Configuration 1 (hide)

cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-08-24 14:59

Updated : 2019-01-03 15:01


NVD link : CVE-2015-3238

Mitre link : CVE-2015-3238


JSON object : View

Products Affected

oracle

  • sparc-opl_service_processor

linux-pam

  • linux-pam
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor