CVE-2011-5054 - Vulnerability Details - OpenCVE

kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended side effects, via an arbitrary valid PAM service name, a different vulnerability than CVE-2011-4122. NOTE: the vendor indicates that the possibility of resultant privilege escalation may be "a bit far-fetched."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Kde	Kcheckpass

Configuration 1 [-]

cpe:2.3:a:kde:kcheckpass:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://c-skills.blogspot.com/2011/11/openpam-trickery.html
http://openwall.com/lists/oss-security/2011/12/07/3
http://openwall.com/lists/oss-security/2011/12/08/9
http://openwall.com/lists/oss-security/2011/12/23/8
http://openwall.com/lists/oss-security/2011/12/27/1
http://openwall.com/lists/oss-security/2011/12/27/3
http://openwall.com/lists/oss-security/2011/12/28/5
http://openwall.com/lists/oss-security/2012/01/02/10
http://openwall.com/lists/oss-security/2012/01/02/11
https://exchange.xforce.ibmcloud.com/vulnerabilities/72230

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-01-06T21:00:00

Updated: 2024-08-07T00:23:39.906Z

Reserved: 2012-01-06T00:00:00

Link: CVE-2011-5054

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-01-06T21:55:01.217

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-5054

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-11-08T00:00:00", "descriptions": [{"lang": "en", "value": "kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended side effects, via an arbitrary valid PAM service name, a different vulnerability than CVE-2011-4122. NOTE: the vendor indicates that the possibility of resultant privilege escalation may be \"a bit far-fetched.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "kcheckpass-pamstart-priv-esc(72230)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72230"}, {"name": "[oss-security] 20111207 Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/12/07/3"}, {"name": "[oss-security] 20111228 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/12/28/5"}, {"name": "[oss-security] 20111228 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/12/27/3"}, {"name": "[oss-security] 20111224 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/12/23/8"}, {"name": "[oss-security] 20120102 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2012/01/02/11"}, {"name": "[oss-security] 20111226 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/12/27/1"}, {"tags": ["x_refsource_MISC"], "url": "http://c-skills.blogspot.com/2011/11/openpam-trickery.html"}, {"name": "[oss-security] 20111208 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2011/12/08/9"}, {"name": "[oss-security] 20120102 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://openwall.com/lists/oss-security/2012/01/02/10"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2011-5054", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended side effects, via an arbitrary valid PAM service name, a different vulnerability than CVE-2011-4122. NOTE: the vendor indicates that the possibility of resultant privilege escalation may be \"a bit far-fetched.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "kcheckpass-pamstart-priv-esc(72230)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72230"}, {"name": "[oss-security] 20111207 Disputing CVE-2011-4122", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/12/07/3"}, {"name": "[oss-security] 20111228 Re: Disputing CVE-2011-4122", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/12/28/5"}, {"name": "[oss-security] 20111228 Re: Disputing CVE-2011-4122", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/12/27/3"}, {"name": "[oss-security] 20111224 Re: Disputing CVE-2011-4122", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/12/23/8"}, {"name": "[oss-security] 20120102 Re: Disputing CVE-2011-4122", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2012/01/02/11"}, {"name": "[oss-security] 20111226 Re: Disputing CVE-2011-4122", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/12/27/1"}, {"name": "http://c-skills.blogspot.com/2011/11/openpam-trickery.html", "refsource": "MISC", "url": "http://c-skills.blogspot.com/2011/11/openpam-trickery.html"}, {"name": "[oss-security] 20111208 Re: Disputing CVE-2011-4122", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2011/12/08/9"}, {"name": "[oss-security] 20120102 Re: Disputing CVE-2011-4122", "refsource": "MLIST", "url": "http://openwall.com/lists/oss-security/2012/01/02/10"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:23:39.906Z"}, "title": "CVE Program Container", "references": [{"name": "kcheckpass-pamstart-priv-esc(72230)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72230"}, {"name": "[oss-security] 20111207 Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/12/07/3"}, {"name": "[oss-security] 20111228 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/12/28/5"}, {"name": "[oss-security] 20111228 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/12/27/3"}, {"name": "[oss-security] 20111224 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/12/23/8"}, {"name": "[oss-security] 20120102 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2012/01/02/11"}, {"name": "[oss-security] 20111226 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/12/27/1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://c-skills.blogspot.com/2011/11/openpam-trickery.html"}, {"name": "[oss-security] 20111208 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2011/12/08/9"}, {"name": "[oss-security] 20120102 Re: Disputing CVE-2011-4122", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://openwall.com/lists/oss-security/2012/01/02/10"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2011-5054", "datePublished": "2012-01-06T21:00:00", "dateReserved": "2012-01-06T00:00:00", "dateUpdated": "2024-08-07T00:23:39.906Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kde:kcheckpass:*:*:*:*:*:*:*:*", "matchCriteriaId": "898F355B-03A2-4F58-B8E9-E03C148E74E5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended side effects, via an arbitrary valid PAM service name, a different vulnerability than CVE-2011-4122. NOTE: the vendor indicates that the possibility of resultant privilege escalation may be \"a bit far-fetched.\""}, {"lang": "es", "value": "La aplicaci\u00f3n de Linux kcheckpass pasa un argumento suministrado por el usuario a la funci\u00f3n pam_start, a menudo dentro de un ambiente setuid, lo que permite a usuarios locales invocar cualquier pila PAM configurada y posiblemente provocar efectos secundarios no deseados, a trav\u00e9s de un nombre de servicio PAM v\u00e1lido. Se trata de una vulnerabilidad diferente a CVE-2011-4122. NOTA: El vendedor indica que la posibilidad de una escalada de privilegios resultante puede ser \"un poco exagerada\"."}], "id": "CVE-2011-5054", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-01-06T21:55:01.217", "references": [{"source": "cve@mitre.org", "url": "http://c-skills.blogspot.com/2011/11/openpam-trickery.html"}, {"source": "cve@mitre.org", "url": "http://openwall.com/lists/oss-security/2011/12/07/3"}, {"source": "cve@mitre.org", "url": "http://openwall.com/lists/oss-security/2011/12/08/9"}, {"source": "cve@mitre.org", "url": "http://openwall.com/lists/oss-security/2011/12/23/8"}, {"source": "cve@mitre.org", "url": "http://openwall.com/lists/oss-security/2011/12/27/1"}, {"source": "cve@mitre.org", "url": "http://openwall.com/lists/oss-security/2011/12/27/3"}, {"source": "cve@mitre.org", "url": "http://openwall.com/lists/oss-security/2011/12/28/5"}, {"source": "cve@mitre.org", "url": "http://openwall.com/lists/oss-security/2012/01/02/10"}, {"source": "cve@mitre.org", "url": "http://openwall.com/lists/oss-security/2012/01/02/11"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72230"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://c-skills.blogspot.com/2011/11/openpam-trickery.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2011/12/07/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2011/12/08/9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2011/12/23/8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2011/12/27/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2011/12/27/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2011/12/28/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2012/01/02/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://openwall.com/lists/oss-security/2012/01/02/11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72230"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}