6.2 - CVE-2009-0360

Executive Summary

Informations
Name	CVE-2009-0360	First vendor Publication	2009-02-13
Vendor	Cve	Last vendor Modification	2018-10-11

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score	6.2	Attack Range	Local
Cvss Impact Score	10	Attack Complexity	High
Cvss Expoit Score	1.9	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0360

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-287	Improper Authentication

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5669

Oval ID:	oval:org.mitre.oval:def:5669
Title:	HP-UX Running PAM Kerberos, Local Privilege Escalation, Unauthorized Access
Description:	Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-0360	Version:	9
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
Criteria meets HP Security Bulletin HPSBUX02415 HP Release B.11.23 AND filesets tests PAM-Kerberos.PAM-KRB-64SLIB version is less than C.01.25 AND PAM-Kerberos.PAM-KRB-DEMO version is less than C.01.25 AND PAM-Kerberos.PAM-KRB-I64LIB version is less than C.01.25 AND PAM-Kerberos.PAM-KRB-IASLIB version is less than C.01.25 AND PAM-Kerberos.PAM-KRB-MAN version is less than C.01.25 AND PAM-Kerberos.PAM-KRB-RUN version is less than C.01.25 AND PAM-Kerberos.PAM-KRB-SHLIB version is less than C.01.25 OR Criteria meets HP Security Bulletin HPSBUX02415 HP Release B.11.11 AND filesets tests KRBS-Support.KRBS-SUPP-MAN version is less than B.11.11.16 AND KRBS-Support.KRBS-SUPP-NOTE version is less than B.11.11.16 AND KRBS-Support.KRBS-SUPP-RUN version is less than B.11.11.16 AND PAM-Kerberos.PAM-KRB-64SLIB version is less than B.11.11.16 AND PAM-Kerberos.PAM-KRB-DEMO version is less than B.11.11.16 AND PAM-Kerberos.PAM-KRB-MAN version is less than B.11.11.16 AND PAM-Kerberos.PAM-KRB-RUN version is less than B.11.11.16 AND PAM-Kerberos.PAM-KRB-SHLIB version is less than B.11.11.16 OR Criteria meets HP Security Bulletin HPSBUX02415 HP-UX B.11.31 AND filesets tests PAM-Kerberos.PAM-KRB-64SLIB version is less than D.01.25 AND PAM-Kerberos.PAM-KRB-DEMO version is less than D.01.25 AND PAM-Kerberos.PAM-KRB-I64LIB version is less than D.01.25 AND PAM-Kerberos.PAM-KRB-IASLIB version is less than D.01.25 AND PAM-Kerberos.PAM-KRB-MAN version is less than D.01.25 AND PAM-Kerberos.PAM-KRB-RUN version is less than D.01.25 AND PAM-Kerberos.PAM-KRB-SHLIB version is less than D.01.25

Definition Id: oval:org.mitre.oval:def:5732

Oval ID:	oval:org.mitre.oval:def:5732
Title:	A Security Vulnerability in the Solaris Kerberos PAM Module May Allow Use of a User Specified Kerberos Configuration File, Leading to Escalation of Privileges
Description:	Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-0360	Version:	1
Platform(s):	Sun Solaris 8 Sun Solaris 9 Sun Solaris 10	Product(s):
Definition Synopsis:
Solaris 8 (SPARC) meets Sun Alert 252767 Solaris 8 (SPARC) is installed AND NOT Patch 112237-16 or later installed AND NOT Patch 112390-14 or later installed OR Solaris 9 (SPARC) meets Sun Alert 252767 Solaris 9 (SPARC) is installed AND NOT Patch 112908-34 or later installed OR Solaris 10 (SPARC) meets Sun Alert 252767 Solaris 10 (SPARC) is installed AND NOT Patch 138371-06 or later installed OR Solaris 8 (x86) meets Sun Alert 252767 Solaris 8 (x86) is installed AND NOT Patch 112238-15 or later installed AND NOT Patch 112240-13 or later installed OR Solaris 9 (x86) meets Sun Alert 252767 Solaris 9 (x86) is installed AND NOT Patch 115168-19 or later installed OR Solaris 10 (x86) meets Sun Alert 252767 Solaris 10 (x86) is installed AND NOT Patch 138372-06 or later installed

CPE : Common Platform Enumeration

Type	Description	Count
Application	Eyrie Pam-krb5 cpe:2.3:a:eyrie:pam-krb5:3.9:::::::* cpe:2.3:a:eyrie:pam-krb5:3.8:::::::* cpe:2.3:a:eyrie:pam-krb5:3.7:::::::* cpe:2.3:a:eyrie:pam-krb5:3.6:::::::* cpe:2.3:a:eyrie:pam-krb5:3.5:::::::* cpe:2.3:a:eyrie:pam-krb5:3.4:::::::* cpe:2.3:a:eyrie:pam-krb5:3.3:::::::* cpe:2.3:a:eyrie:pam-krb5:3.2:::::::* cpe:2.3:a:eyrie:pam-krb5:3.11:::::::* cpe:2.3:a:eyrie:pam-krb5:3.10:::::::* cpe:2.3:a:eyrie:pam-krb5:3.1:::::::* cpe:2.3:a:eyrie:pam-krb5:3.0:::::::* cpe:2.3:a:eyrie:pam-krb5:2.6:::::::* cpe:2.3:a:eyrie:pam-krb5:2.5:::::::* cpe:2.3:a:eyrie:pam-krb5:2.4:::::::* cpe:2.3:a:eyrie:pam-krb5:2.3.4:::::::* cpe:2.3:a:eyrie:pam-krb5:2.3:::::::* cpe:2.3:a:eyrie:pam-krb5:2.2.14:::::::* cpe:2.3:a:eyrie:pam-krb5:2.2:::::::* cpe:2.3:a:eyrie:pam-krb5:2.1:::::::* cpe:2.3:a:eyrie:pam-krb5:2.0:::::::*	21

ExploitDB Exploits

id	Description
2009-03-29	pam-krb5 < 3.13 Local Privilege Escalation Exploit

OpenVAS Exploits

Date	Description
2009-06-05	Name : Ubuntu USN-719-1 (libpam-krb5) File : nvt/ubuntu_719_1.nasl
2009-05-05	Name : HP-UX Update for PAM Kerberos HPSBUX02415 File : nvt/gb_hp_ux_HPSBUX02415.nasl
2009-03-31	Name : Gentoo Security Advisory GLSA 200903-39 (pam_krb5) File : nvt/glsa_200903_39.nasl
2009-02-13	Name : Debian Security Advisory DSA 1721-1 (libpam-krb5) File : nvt/deb_1721_1.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
54343	Russ Allbery pam-krb5 Kerberos Library Initialization Subversion Local Privil...

Nessus® Vulnerability Scanner

Date	Description
2014-12-15	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-08.nasl - Type : ACT_GATHER_INFO
2009-04-23	Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-719-1.nasl - Type : ACT_GATHER_INFO
2009-03-27	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200903-39.nasl - Type : ACT_GATHER_INFO
2009-02-13	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1721.nasl - Type : ACT_GATHER_INFO
2009-02-13	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1722.nasl - Type : ACT_GATHER_INFO
2004-07-12	Name : The remote host is missing Sun Security Patch number 112908-38 File : solaris9_112908.nasl - Type : ACT_GATHER_INFO
2004-07-12	Name : The remote host is missing Sun Security Patch number 115168-24 File : solaris9_x86_115168.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/33740
BUGTRAQ	http://www.securityfocus.com/archive/1/500892/100/0/threaded
CONFIRM	http://support.avaya.com/elmodocs2/security/ASA-2009-070.htm
DEBIAN	http://www.debian.org/security/2009/dsa-1721
GENTOO	http://security.gentoo.org/glsa/glsa-200903-39.xml
MISC	http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.html
OVAL	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova... https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
SECTRACK	http://securitytracker.com/id?1021711
SECUNIA	http://secunia.com/advisories/33914 http://secunia.com/advisories/33917 http://secunia.com/advisories/34260 http://secunia.com/advisories/34449
SUNALERT	http://sunsolve.sun.com/search/document.do?assetkey=1-66-252767-1
UBUNTU	http://www.ubuntu.com/usn/USN-719-1
VUPEN	http://www.vupen.com/english/advisories/2009/0410 http://www.vupen.com/english/advisories/2009/0426 http://www.vupen.com/english/advisories/2009/0979

Alert History

If you want to see full details history, please login or register.

Date	Informations
2021-05-04 12:09:05	Multiple Updates
2021-04-22 01:09:26	Multiple Updates
2020-05-23 01:39:59	Multiple Updates
2020-05-23 00:23:17	Multiple Updates
2018-10-12 00:20:36	Multiple Updates
2017-09-29 09:24:03	Multiple Updates
2016-04-26 18:35:54	Multiple Updates
2014-12-16 13:24:29	Multiple Updates
2014-02-17 10:48:38	Multiple Updates
2013-05-10 23:43:18	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	2
CPE ID(s)	21
Sources(s)	18
osvdb(s)	1
ExploitDB Exploit(s)	1
Openvas Exploit(s)	4
Nessus® Exploit(s)	7

	Related
10	GLSA-201412-08
6.2	USN-719-1
6.2	SUN-252767
6.2	HPSBUX02415 SSR...
6.2	GLSA-200903-39
6.2	DSA-1721
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 6 more Alert(s)

6.2 - CVE-2009-0360

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

ExploitDB Exploits

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU