CVE-2008-5138

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

---

CVE-2008-5138 at MITRE

Details

passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/passwdehd.##### temporary file.

---

Novell Bugzilla entry: 465303

SUSE Security Advisories:

• SUSE-SR:2009:005, published Mon, 02 Mar 2009 13:00:00 +0000
• SUSE-SR:2009:005 , published Mon, 02 Mar 2009 13:00:00 +0000

Product(s)	Fixed package version(s)	References
openSUSE 10.3	pam_mount >= 0.18-84.4 pam_mount-32bit >= 0.18-84.4 pam_mount-64bit >= 0.18-84.4	ZYPP Patch Nr: 5916 SAT Patch Nr: 427
openSUSE 11.0	pam_mount-debuginfo >= 0.35-15.8 pam_mount-debugsource >= 0.35-15.8	ZYPP Patch Nr: 5916 SAT Patch Nr: 427
openSUSE 11.0	pam_mount >= 0.35-15.8 pam_mount-32bit >= 0.35-15.8 pam_mount-64bit >= 0.35-15.8	ZYPP Patch Nr: 5916 SAT Patch Nr: 427
openSUSE 11.1	pam_mount-debuginfo >= 0.47-12.14.1 pam_mount-debugsource >= 0.47-12.14.1	ZYPP Patch Nr: 5916 SAT Patch Nr: 427
openSUSE 11.1	pam_mount >= 0.47-12.14.1 pam_mount-32bit >= 0.47-12.14.1 pam_mount-64bit >= 0.47-12.14.1	ZYPP Patch Nr: 5916 SAT Patch Nr: 427
SUSE Linux Enterprise Desktop 10 SP2 for AMD64 and Intel EM64T SUSE Linux Enterprise Desktop 10 SP2 for x86 SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T SUSE Linux Enterprise Server 10 SP2 for IBM POWER SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit SUSE Linux Enterprise Server 10 SP2 for IPF SUSE Linux Enterprise Server 10 SP2 for x86	pam_mount >= 0.18-29.20	sled10-sp2. x86 sles10-sp2. s390x sles10-sp2. ppc sles10-sp2. x86 sled10-sp2. x86-64 sles10-sp2. ia64 sles10-sp2. x86-64 ZYPP Patch Nr: 5911
Novell Linux POS 9 Open Enterprise Server SUSE CORE 9 for IBM S/390 31bit SUSE CORE 9 for Itanium Processor Family SUSE CORE 9 for x86	pam_mount >= 0.9.22-1.5	core9. s390 core9. s390x core9. ppc sles9-nlpos. x86 core9. x86 core9. x86-64 core9. ia64 sles9-oes. x86 YOU Patch Nr: 12332
SUSE CORE 9 for IBM POWER	pam_mount >= 0.9.22-1.5 pam_mount-64bit >= 9-200901131809	core9. s390 core9. s390x core9. ppc sles9-nlpos. x86 core9. x86 core9. x86-64 core9. ia64 sles9-oes. x86 YOU Patch Nr: 12332
SUSE CORE 9 for IBM zSeries 64bit	pam_mount >= 0.9.22-1.5 pam_mount-32bit >= 9-200901131807	core9. s390 core9. s390x core9. ppc sles9-nlpos. x86 core9. x86 core9. x86-64 core9. ia64 sles9-oes. x86 YOU Patch Nr: 12332
SUSE CORE 9 for AMD64 and Intel EM64T	pam_mount >= 0.9.22-1.5 pam_mount-32bit >= 9-200901131814	core9. s390 core9. s390x core9. ppc sles9-nlpos. x86 core9. x86 core9. x86-64 core9. ia64 sles9-oes. x86 YOU Patch Nr: 12332

• Support Home
• Download
  • Patches
    • Patch Home
    • Patch Finder
  • Products
  • Drivers
  • Beta
  • Cool Tools
• Help yourself
  • Knowledgebase
  • Novell Support Advisor
  • Discussion Forums
  • Documentation
  • Support by Product
  • Product Support Lifecycle
  • Activate My Product
  • Bookstore
  • Technical Subscriptions
  • Support FAQ
• Let us help
  • Novell Support Programs
    • Linux Support
    • Support for MLA
    • Support for VLA
    • Support for Academic Customers
    • Support for Partners
    • Single Service Request
    • All Support Programs
  • Support from Partner
  • Open Service Request
  • Chat with Us (Non-technical questions)
• Contribute
  • Participate in Beta
  • Report a Bug
  • Share a Tip, Trick, etc.
  • Request Enhancement
  • Report Software Vulnerability
  • Provide Feedback

• Customer Center