Canonical · Libpam-Modules · CVE-2010-0832
**Name of the Vulnerable Software and Affected Versions**
libpam-modules versions prior to 1.1.0-2ubuntu1.1 on Ubuntu 9.10
libpam-modules versions prior to 1.1.1-2ubuntu5 on Ubuntu 10.04 LTS
**Description**
The issue allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory. This is related to "user file stamps" and the motd.legal-notice file.
**Recommendations**
For libpam-modules versions prior to 1.1.0-2ubuntu1.1 on Ubuntu 9.10, update to version 1.1.0-2ubuntu1.1 or later.
For libpam-modules versions prior to 1.1.1-2ubuntu5 on Ubuntu 10.04 LTS, update to version 1.1.1-2ubuntu5 or later.