« List of all CVEs

CVE-2015-3238

Published: 8/24/2015 Last updated: 8/6/2024 Reserved: 4/10/2015

The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (2)

conf-pam pam

Products affected (1)

Product Vendor Version
n/a n/a < a422ebec863d99d5607fb41bb7af3347fcb436d3

References (26)