CVE-2013-4285

A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
dkorunicpam_s\/key
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://security.gentoo.org/glsa/glsa-201402-12.xml
http://security.gentoo.org/glsa/glsa-201402-12.xml