exploit the possibilities
Showing 1 - 8 of 8 RSS Feed

CVE-2009-0361

Status Candidate

Overview

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pam_setcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, and then launching a setuid application that performs certain pam_setcred operations.

Related Files

Gentoo Linux Security Advisory 201412-08
Posted Dec 12, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-8 - This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution.

tags | advisory, remote, local, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2006-3005, CVE-2007-2741, CVE-2008-0553, CVE-2008-1382, CVE-2008-5907, CVE-2008-6218, CVE-2008-6661, CVE-2009-0040, CVE-2009-0360, CVE-2009-0361, CVE-2009-0946, CVE-2009-2042, CVE-2009-2624, CVE-2009-3736, CVE-2009-4029, CVE-2009-4411, CVE-2009-4896, CVE-2010-0001, CVE-2010-0436, CVE-2010-0732, CVE-2010-0829, CVE-2010-1000, CVE-2010-1205, CVE-2010-1511, CVE-2010-2056, CVE-2010-2060, CVE-2010-2192, CVE-2010-2251
MD5 | 4988293251dc9709a0f0caf5c1076c9b
HP Security Bulletin HPSBUX02415 SSRT090023
Posted Apr 7, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running PAM Kerberos. The vulnerability could be exploited locally to create a privilege escalation or to allow an unauthorized access.

tags | advisory
systems | hpux
advisories | CVE-2009-0360, CVE-2009-0361
MD5 | 899132631767954649aec02f6eab71ab
Gentoo Linux Security Advisory 200903-39
Posted Mar 26, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-39 - Two vulnerabilities in pam_krb5 might allow local users to elevate their privileges or overwrite arbitrary files. Versions less than 3.12 are affected.

tags | advisory, arbitrary, local, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0360, CVE-2009-0361
MD5 | 97464b24cd741424abfe96e35d23a6f6
Solaris Kerberos PAM Module Privilege Escalation
Posted Feb 16, 2009
Site sunsolve.sun.com

Sun Security Advisory - A security vulnerability in the Solaris Kerberos PAM module may allow use of a user specified Kerberos configuration file, leading to escalation of privileges.

tags | advisory
systems | solaris
advisories | CVE-2009-0360, CVE-2009-0361
MD5 | f73b0648e348b52c79a6073cb0ed7b67
Ubuntu Security Notice 719-1
Posted Feb 12, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-719-1 - It was discovered that pam_krb5 parsed environment variables when run with setuid applications. A local attacker could exploit this flaw to bypass authentication checks and gain root privileges. Derek Chan discovered that pam_krb5 incorrectly handled refreshing existing credentials when used with setuid applications. A local attacker could exploit this to create or overwrite arbitrary files, and possibly gain root privileges.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2009-0360, CVE-2009-0361
MD5 | 154a95c51525c417f8268c76655f24a1
pam-krb5 File Ovewrite
Posted Feb 11, 2009
Authored by Russ Allbery

A security vulnerability in pam-krb5 allowing overwrite and chown of arbitrary files via Solaris su was discovered by Derek Chan and reported by Steven Luo on 2009-01-29. Subsequent code auditing for behavior in setuid applications uncovered another, more general and more serious bug that could result in privilege escalation. Versions below 3.13 are affected.

tags | advisory, arbitrary
systems | solaris
advisories | CVE-2009-0360, CVE-2009-0361
MD5 | da5578df37724c0d89cd20850b161992
Debian Linux Security Advisory 1722-1
Posted Feb 11, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1722-1 - Derek Chan discovered that the PAM module for the Heimdal Kerberos implementation allows reinitialisation of user credentials when run from a setuid context, resulting in potential local denial of service by overwriting the credential cache file or to local privilege escalation.

tags | advisory, denial of service, local
systems | linux, debian
advisories | CVE-2009-0361
MD5 | d997aec80b7bec41fe97a3e75c5deb5d
Debian Linux Security Advisory 1721-1
Posted Feb 11, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1721-1 - Several local vulnerabilities have been discovered in the PAM module for MIT Kerberos.

tags | advisory, local, vulnerability
systems | linux, debian
advisories | CVE-2009-0360, CVE-2009-0361
MD5 | 9a5e7a19a1333d12ecc3f561be3df3b4
Page 1 of 1
Back1Next

File Archive:

December 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    22 Files
  • 2
    Dec 2nd
    33 Files
  • 3
    Dec 3rd
    16 Files
  • 4
    Dec 4th
    22 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close