CVE-2009-0361

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, and then launching a setuid application that performs certain pam_setcred operations.

References

http://secunia.com/advisories/33914

http://secunia.com/advisories/33917

http://secunia.com/advisories/33918

http://secunia.com/advisories/34260

http://secunia.com/advisories/34449

http://security.gentoo.org/glsa/glsa-200903-39.xml

http://securitytracker.com/id?1021711

http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1

http://support.avaya.com/elmodocs2/security/ASA-2009-070.htm

http://www.debian.org/security/2009/dsa-1721

http://www.debian.org/security/2009/dsa-1722

http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.html

http://www.securityfocus.com/archive/1/500892/100/0/threaded

http://www.securityfocus.com/bid/33741

http://www.ubuntu.com/usn/USN-719-1

http://www.vupen.com/english/advisories/2009/0410

http://www.vupen.com/english/advisories/2009/0426

http://www.vupen.com/english/advisories/2009/0979

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5403

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5521

Details

Source: MITRE

Published: 2009-02-13

Updated: 2018-10-11

Type: CWE-264

Risk Information

CVSS v2

Base Score: 4.6

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.9

Severity: MEDIUM

Tenable Plugins

View all (9 total)

IDNameProductFamilySeverity
79961GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010NessusGentoo Local Security Checks
critical
36218Ubuntu 8.04 LTS / 8.10 : libpam-krb5 vulnerabilities (USN-719-1)NessusUbuntu Local Security Checks
medium
36027GLSA-200903-39 : pam_krb5: Privilege escalationNessusGentoo Local Security Checks
medium
35663Debian DSA-1722-1 : libpam-heimdal - programming errorNessusDebian Local Security Checks
medium
35662Debian DSA-1721-1 : libpam-krb5 - several vulnerabilitiesNessusDebian Local Security Checks
medium
35208Solaris 10 (x86) : 138372-06NessusSolaris Local Security Checks
medium
35197Solaris 10 (sparc) : 138371-06NessusSolaris Local Security Checks
medium
13620Solaris 9 (x86) : 115168-24NessusSolaris Local Security Checks
critical
13520Solaris 9 (sparc) : 112908-38NessusSolaris Local Security Checks
critical