oval:org.mitre.oval:def:2065

Definition Id: oval:org.mitre.oval:def:2065

Oval ID:	oval:org.mitre.oval:def:2065
Title:	Kerberos Client Plaintext Password Vulnerability
Description:	Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0653	Version:	1
Platform(s):	Sun Solaris 9	Product(s):	pam_krb5
Definition Synopsis:
Software section Solaris 9 Installed AND Kerberos 5 installed AND NOT Patch 112908-13 or later installed AND Patch 112908-12 installed AND Configuration section /etc/pam.conf is configured to use pam_krb5 as an 'auth' module and the debug feature of pam_krb5 is enabled AND /etc/krb5/krb5.conf is configured with a kerberos domain AND /etc/syslog.conf is configured to log "debug" level messages for at least daemon