CVE-2015-3238 - OpenCVE

The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Linux-pam	Linux-pam
Oracle	Sparc-opl Service Processor

Configuration 1 [-]

cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*

References

Link	Resource
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html
http://rhn.redhat.com/errata/RHSA-2015-1640.html	Vendor Advisory
http://www.openwall.com/lists/oss-security/2015/06/25/13
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.securityfocus.com/bid/75428
http://www.ubuntu.com/usn/USN-2935-1
http://www.ubuntu.com/usn/USN-2935-2
http://www.ubuntu.com/usn/USN-2935-3
https://bugzilla.redhat.com/show_bug.cgi?id=1228571
https://security.gentoo.org/glsa/201605-05
https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551	Exploit
https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/	Exploit

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2015-08-24T14:00:00

Updated: 2016-12-01T15:57:02

Reserved: 2015-04-10T00:00:00

Link: CVE-2015-3238

JSON object: View

NVD Information

Status : Modified

Published: 2015-08-24T14:59:04.010

Modified: 2023-02-12T23:15:31.960

Link: CVE-2015-3238

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-06-25T00:00:00", "descriptions": [{"lang": "en", "value": "The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-01T15:57:02", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "FEDORA-2015-10830", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html"}, {"name": "RHSA-2015:1640", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1640.html"}, {"name": "[oss-security] 20150625 Linux-PAM 1.2.1 released to address CVE-2015-3238", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/06/25/13"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228571"}, {"tags": ["x_refsource_MISC"], "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551"}, {"name": "GLSA-201605-05", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201605-05"}, {"name": "USN-2935-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2935-2"}, {"name": "USN-2935-3", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2935-3"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"}, {"name": "USN-2935-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2935-1"}, {"name": "FEDORA-2015-10848", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html"}, {"name": "75428", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/75428"}, {"tags": ["x_refsource_MISC"], "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-3238", "datePublished": "2015-08-24T14:00:00", "dateReserved": "2015-04-10T00:00:00", "dateUpdated": "2016-12-01T15:57:02", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linux-pam:linux-pam:*:*:*:*:*:*:*:*", "matchCriteriaId": "97736CA5-0370-4CA9-B5D4-E157B3E699F5", "versionEndIncluding": "1.1.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:sparc-opl_service_processor:*:*:*:*:*:*:*:*", "matchCriteriaId": "6AF02A45-1811-44F2-B3C9-90C11F5DF6DF", "versionEndIncluding": "1121", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The _unix_run_helper_binary function in the pam_unix module in Linux-PAM (aka pam) before 1.2.1, when unable to directly access passwords, allows local users to enumerate usernames or cause a denial of service (hang) via a large password."}, {"lang": "es", "value": "Vulnerabilidad en la funci\u00f3n _unix_run_helper_binary en el m\u00f3dulo pam_unix en Linux-PAM (tambi\u00e9n conocido como pam) en versiones anteriores a 1.2.1, cuando no es posible acceder directamente a las contrase\u00f1as, permite a usuarios locales enumerar los nombres de usuario o causar una denegaci\u00f3n de servicio (colgado) a trav\u00e9s de una contrase\u00f1a larga."}], "id": "CVE-2015-3238", "lastModified": "2023-02-12T23:15:31.960", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2015-08-24T14:59:04.010", "references": [{"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161350.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161249.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1640.html"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2015/06/25/13"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/75428"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2935-1"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2935-2"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2935-3"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228571"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201605-05"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-011/?fid=6551"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "https://www.trustwave.com/Resources/SpiderLabs-Blog/Username-Enumeration-against-OpenSSH-SELinux-with-CVE-2015-3238/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}