CVE-2013-4285

EUVD-2013-4183
A certain Gentoo patch for the PAM S/Key module does not properly clear credentials from memory, which allows local users to obtain sensitive information by reading system memory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
dkorunicpam_s\/key
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://security.gentoo.org/glsa/glsa-201402-12.xml
http://security.gentoo.org/glsa/glsa-201402-12.xml