[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

78020

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

USN-719-1 -- libpam-krb5 vulnerabilities

ID: oval:org.secpod.oval:def:700376Date: (C)2011-05-13   (M)2017-10-04
Class: PATCHFamily: unix




It was discovered that pam_krb5 parsed environment variables when run with setuid applications. A local attacker could exploit this flaw to bypass authentication checks and gain root privileges. Derek Chan discovered that pam_krb5 incorrectly handled refreshing existing credentials when used with setuid applications. A local attacker could exploit this to create or overwrite arbitrary files, and possibly gain root privileges

Platform:
Ubuntu 8.10
Ubuntu 8.04
Product:
libpam-krb5
Reference:
USN-719-1
CVE-2009-0360
CVE-2009-0361
CVE    2
CVE-2009-0361
CVE-2009-0360
CPE    1
cpe:/o:ubuntu:ubuntu_linux:8.04

© 2013 SecPod Technologies