CVE-2012-1502

N/A Unknown

Published: June 16, 2012 Modified: April 29, 2026

Description

Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam 0.5.0 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a NULL byte in a password string.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.opensuse.org/opensuse-updates/2012-04/msg00027.html

Source: cve@mitre.org

http://secunia.com/advisories/48312

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/48332

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/48746

Source: cve@mitre.org

Vendor Advisory

http://ubuntu.com/usn/usn-1395-1

Source: cve@mitre.org

http://www.debian.org/security/2012/dsa-2430

Source: cve@mitre.org

http://www.lsexperts.de/advisories/lse-2012-03-01.txt

Source: cve@mitre.org

Exploit

http://www.osvdb.org/79892

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/73857

Source: cve@mitre.org

https://security.gentoo.org/glsa/201507-09

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-updates/2012-04/msg00027.html