cpe:/a:kernel:linux-pam:0.99.1.0 cpe:/a:kernel:linux-pam:0.99.2.0 cpe:/a:kernel:linux-pam:0.99.2.1 cpe:/a:kernel:linux-pam:0.99.3.0 cpe:/a:kernel:linux-pam:0.99.4.0 cpe:/a:kernel:linux-pam:0.99.5.0 cpe:/a:kernel:linux-pam:0.99.6.0 cpe:/a:kernel:linux-pam:0.99.6.1 cpe:/a:kernel:linux-pam:0.99.6.2 cpe:/a:kernel:linux-pam:0.99.6.3 cpe:/a:kernel:linux-pam:0.99.7.0 cpe:/a:kernel:linux-pam:0.99.7.1 cpe:/a:kernel:linux-pam:0.99.8.0 cpe:/a:kernel:linux-pam:0.99.8.1 cpe:/a:kernel:linux-pam:0.99.9.0 cpe:/a:kernel:linux-pam:0.99.10.0 cpe:/a:kernel:linux-pam:1.0.0 cpe:/a:kernel:linux-pam:1.0.1 cpe:/a:kernel:linux-pam:1.0.2 cpe:/a:kernel:linux-pam:1.0.3 cpe:/a:kernel:linux-pam:1.0.4 cpe:/a:kernel:linux-pam:1.1.0 cpe:/a:kernel:linux-pam:1.1.1 cpe:/a:kernel:linux-pam:1.1.2 cpe:/a:kernel:linux-pam:1.1.3 cpe:/a:kernel:linux-pam:1.1.4 CVE-2011-3149 2012-07-22T13:55:01.103-04:00 2014-03-05T23:31:36.020-05:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2012-07-23T13:59:00.000-04:00 SECUNIA 46583 SECUNIA 49711 GENTOO GLSA-201206-31 UBUNTU USN-1237-1 CONFIRM http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=109823cb621c900c07c4b6cdc99070d354d19444 CONFIRM https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565 The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).