CVE-2012-1502

Related Files

Gentoo Linux Security Advisory 201507-09

Posted Jul 9, 2015

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-9 - A double free vulnerability in PyPAM could result in execution of arbitrary code or Denial of Service. Versions less than 0.5.0-r3 are affected.

tags | advisory, denial of service, arbitrary

systems | linux, gentoo

advisories | CVE-2012-1502

SHA-256 | 60e9017808fbb14b2fd98b5951a4999a25a4d14a8178fbf8738bb09e5ec0c8c5

Download | Favorite | View

Debian Security Advisory 2430-1

Posted Mar 11, 2012

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2430-1 - Markus Vervier discovered a double free in the Python interface to the PAM library, which could lead to denial of service.

tags | advisory, denial of service, python

systems | linux, debian

advisories | CVE-2012-1502

SHA-256 | 2ec19710b14c960757a18298629a4fe146967600a1a940c36e3ec21bbea87f71

Download | Favorite | View

PyPAM 0.4.2 Double-Free Corruption

Posted Mar 9, 2012

Authored by Markus Vervier | Site lsexperts.de

By supplying a NULL-byte to the PyPAM module, a double-free condition is triggered. This condition may allow for remote code execution. Proof of concept included.

tags | exploit, remote, code execution, proof of concept

advisories | CVE-2012-1502

SHA-256 | b9936d838bd10ba319a3a27d9876c6d69526d361baacacbc111fa9967983d80d

Download | Favorite | View

Ubuntu Security Notice USN-1395-1

Posted Mar 9, 2012

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1395-1 - Markus Vervier discovered that PyPAM incorrectly handled passwords containing NULL bytes. An attacker could exploit this to cause applications using PyPAM to crash, or possibly execute arbitrary code.

tags | advisory, arbitrary

systems | linux, ubuntu

advisories | CVE-2012-1502

SHA-256 | b1a8fc445877f4268bbbc0f2331533ede115fc8cdd1e6992f189e0cbec286da4

Download | Favorite | View