[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-3825Date: (C)2008-10-03   (M)2023-12-22


pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.4
Exploit Score: 3.4
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1020978
http://www.securityfocus.com/archive/1/516397/100/0/threaded
BID-31534
SECUNIA-32119
SECUNIA-32135
SECUNIA-32174
SECUNIA-43314
FEDORA-2008-8605
FEDORA-2008-8618
MDVSA-2008:209
RHSA-2008:0907
SUSE-SR:2008:027
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
https://bugzilla.redhat.com/show_bug.cgi?id=461960
oval:org.mitre.oval:def:10923
pamkrb5-existingticket-privilege-escalation(45635)

CPE    2
cpe:/o:redhat:enterprise_linux:5:unknown:server
cpe:/o:redhat:enterprise_linux_desktop:5:unknown:client
CWE    1
CWE-264
OVAL    2
oval:org.secpod.oval:def:301463
oval:org.secpod.oval:def:101986

© SecPod Technologies