CVE-2012-1502

PyPam < 0.5.0 - Double Free in PyPAM_conv

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-1502. PoCs published by Markus Vervier.

AI-analyzed exploit summary The exploit demonstrates a double-free vulnerability in PyPAM (Python bindings for PAM) by supplying a password containing a NULL-byte, leading to undefined behavior and potential remote code execution. The PoC script triggers the issue by calling PAM authentication functions with a malformed password.

Description

Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam 0.5.0 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a NULL byte in a password string.

Exploits (1)

exploitdb WORKING POC

by Markus Vervier · textdoslinux

https://www.exploit-db.com/exploits/18579

View Code ZIP pw:eip

The exploit demonstrates a double-free vulnerability in PyPAM (Python bindings for PAM) by supplying a password containing a NULL-byte, leading to undefined behavior and potential remote code execution. The PoC script triggers the issue by calling PAM authentication functions with a malformed password.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: PyPAM <= 0.4.2, Red Hat PyPAM <= 0.5.0-12, Debian python-pam <= 0.4.2-12.2, Ubuntu python-pam <= 0.4.2-12.2, SUSE python-pam <= 0.5.0-79.1.2, Gentoo pypam <= 0.5.0

No auth needed

Prerequisites: Access to a system with vulnerable PyPAM version · Ability to supply a password with NULL-byte to the PAM module

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →