CVE-2003-0388

Published: Jun 18, 2003

Modified: Aug 8, 2024

PUBLISHED

Description

pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.idefense.com/advisory/06.16.03.txt

x_refsource_MISC

20030616 FW: iDEFENSE Security Advisory 06.16.03: Linux-PAM getlogin() Spoofing

mailing-list

x_refsource_BUGTRAQ

RHSA-2004:304

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2003-0388

Description

Affected Products

References