Vulnerability Name:

CVE-2009-0360 (CCN-48735)

Assigned:2009-02-11
Published:2009-02-11
Updated:2018-10-11
Summary:Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.
Per vendor advisory:
http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.html

"This advisory is only for my pam-krb5 module, as distributed from my web site and packaged by Debian, Ubuntu, and Gentoo."
CVSS v3 Severity:9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.2 Medium (CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C)
5.1 Medium (Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.9 Medium (CCN CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)
5.7 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-287
Vulnerability Consequences:Gain Privileges
References:Source: MITRE
Type: CNA
CVE-2009-0360

Source: CCN
Type: SA33914
pam-krb5 File Overwrite and Privilege Escalation

Source: SECUNIA
Type: Vendor Advisory
33914

Source: SECUNIA
Type: Vendor Advisory
33917

Source: CCN
Type: SA33921
Sun Solaris / SEAM Kerberos PAM Module Privilege Escalation

Source: CCN
Type: SA34260
Avaya CMS Solaris Kerberos PAM Module Privilege Escalation

Source: SECUNIA
Type: UNKNOWN
34260

Source: SECUNIA
Type: UNKNOWN
34449

Source: GENTOO
Type: UNKNOWN
GLSA-200903-39

Source: CCN
Type: SECTRACK ID: 1021711
pam-krb5 Lets Local Users Gain Elevated Privileges

Source: SECTRACK
Type: UNKNOWN
1021711

Source: CCN
Type: Sun Alert ID: 252767
A Security Vulnerability in the Solaris Kerberos PAM Module May Allow Use of a User Specified Kerberos Configuration File, Leading to Escalation of Privileges

Source: SUNALERT
Type: UNKNOWN
252767

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2009-070.htm

Source: CCN
Type: ASA-2009-070
A Security Vulnerability in the Solaris Kerberos PAM Module May Allow Use of a User Specified Kerberos Configuration File Leading to Escalation of Privileges (Sun 252767)

Source: CCN
Type: ASA-2009-129
HP-UX Running PAM Kerberos Local Privilege Escalation Unauthorized Access (HPSBUX02415)

Source: DEBIAN
Type: UNKNOWN
DSA-1721

Source: DEBIAN
Type: DSA-1721
libpam-krb5 -- several vulnerabilities

Source: CCN
Type: pam-krb5 2009-02-11 Advisory
Local privilege escalation, local file overwrite

Source: MISC
Type: Vendor Advisory
http://www.eyrie.org/~eagle/software/pam-krb5/security/2009-02-11.html

Source: CCN
Type: GLSA-200903-39
pam_krb5: Privilege escalation

Source: CCN
Type: OSVDB ID: 54343
Russ Allbery pam-krb5 Kerberos Library Initialization Subversion Local Privilege Escalation

Source: BUGTRAQ
Type: UNKNOWN
20090211 pam-krb5 security advisory (3.12 and earlier)

Source: BID
Type: UNKNOWN
33740

Source: CCN
Type: BID-33740
pam-krb5 Local Privilege Escalation Vulnerability

Source: CCN
Type: USN-719-1
pam-krb5 vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-719-1

Source: VUPEN
Type: UNKNOWN
ADV-2009-0410

Source: VUPEN
Type: UNKNOWN
ADV-2009-0426

Source: VUPEN
Type: UNKNOWN
ADV-2009-0979

Source: XF
Type: UNKNOWN
pamkrb5-api-privilege-escalation(48735)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5669

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:5732

Vulnerable Configuration:Configuration 1:
  • cpe:/a:eyrie:pam-krb5:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:2.4:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:2.6:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.3:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.4:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.5:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.6:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.7:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.8:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.9:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.10:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:3.11:*:*:*:*:*:*:*
  • OR cpe:/a:eyrie:pam-krb5:*:*:*:*:*:*:*:* (Version <= 3.12)

    • Configuration CCN 1:
  • cpe:/o:sun:solaris:9::x86:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_89::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_89::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_95::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_95::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_01::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_02::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_13::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_19::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_22::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_39::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_47::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_64::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_79b::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_88::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_01::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_02::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_13::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_19::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_22::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_39::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_47::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_64::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_79b::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_88::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_03::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_04::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_05::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_06::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_07::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_08::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_09::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_10::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_11::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_12::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_14::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_15::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_16::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_18::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_20::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_21::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_24::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_25::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_26::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_27::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_28::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_29::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_31::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_32::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_33::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_34::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_35::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_37::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_41::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_43::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_44::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_45::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_48::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_50::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_53::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_54::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_56::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_58::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_59::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_60::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_62::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_65::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_68::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_69::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_72::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_75::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_76::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_78::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_81::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_82::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_84::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_85::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_87::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_86::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_17::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_23::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_30::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_36::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_38::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_42::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_46::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_49::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_51::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_52::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_55::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_57::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_61::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_63::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_66::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_67::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_70::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_71::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_73::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_74::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_77::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_79::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_83::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_03::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_04::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_05::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_06::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_07::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_15::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_08::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_14::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_11::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_17::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_12::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_09::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_16::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_21::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_20::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_27::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_26::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_25::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_24::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_23::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_18::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_28::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_33::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_34::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_35::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_36::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_32::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_37::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_31::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_30::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_29::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_40::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_41::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_42::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_43::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_44::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_38::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_45::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_46::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_48::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_55::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_54::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_50::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_57::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_49::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_56::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_52::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_51::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_53::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_67::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_66::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_59::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_65::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_58::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_61::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_63::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_60::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_62::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_71::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_68::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_72::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_77::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_70::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_74::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_73::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_76::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_69::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_75::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_78::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_84::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_83::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_79::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_86::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_85::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_87::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_80::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_82::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_81::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_100::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_100::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_102::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_102::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_80::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_91::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_91::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_90::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_90::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_40::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_104::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_104::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_101::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_101::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_105::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_105::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_92::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_92::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_93::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_94::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_99::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_98::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_97::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_96::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_94::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_93::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_99::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_97::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_98::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_96::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_103::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_103::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_106::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_106::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_107::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_107::x86:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04::lts:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:5669
    V
    		HP-UX Running PAM Kerberos, Local Privilege Escalation, Unauthorized Access
    2015-04-20
    oval:org.mitre.oval:def:13801
    P
    		USN-719-1 -- libpam-krb5 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13723
    P
    		DSA-1721-1 libpam-krb5 -- several
    2014-06-23
    oval:org.mitre.oval:def:8149
    P
    		DSA-1721 libpam-krb5 -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:5732
    V
    		A Security Vulnerability in the Solaris Kerberos PAM Module May Allow Use of a User Specified Kerberos Configuration File, Leading to Escalation of Privileges
    2009-05-11
    oval:org.debian:def:1721
    V
    		several vulnerabilities
    2009-02-11
    BACK
    eyrie pam-krb5 2.0
    eyrie pam-krb5 2.1
    eyrie pam-krb5 2.2
    eyrie pam-krb5 2.3
    eyrie pam-krb5 2.4
    eyrie pam-krb5 2.5
    eyrie pam-krb5 2.6
    eyrie pam-krb5 3.0
    eyrie pam-krb5 3.1
    eyrie pam-krb5 3.2
    eyrie pam-krb5 3.3
    eyrie pam-krb5 3.4
    eyrie pam-krb5 3.5
    eyrie pam-krb5 3.6
    eyrie pam-krb5 3.7
    eyrie pam-krb5 3.8
    eyrie pam-krb5 3.9
    eyrie pam-krb5 3.10
    eyrie pam-krb5 3.11
    eyrie pam-krb5 *
    sun solaris 9
    sun solaris 10
    sun solaris 10
    sun opensolaris build_snv_89
    sun opensolaris build_snv_89
    sun solaris 9
    sun opensolaris build_snv_95
    sun opensolaris build_snv_95
    sun opensolaris build_snv_01
    sun opensolaris build_snv_02
    sun opensolaris build_snv_13
    sun opensolaris build_snv_19
    sun opensolaris build_snv_22
    sun opensolaris build_snv_39
    sun opensolaris build_snv_47
    sun opensolaris build_snv_64
    sun opensolaris build_snv_79b
    sun opensolaris build_snv_88
    sun opensolaris build_snv_01
    sun opensolaris build_snv_02
    sun opensolaris build_snv_13
    sun opensolaris build_snv_19
    sun opensolaris build_snv_22
    sun opensolaris build_snv_39
    sun opensolaris build_snv_47
    sun opensolaris build_snv_64
    sun opensolaris build_snv_79b
    sun opensolaris build_snv_88
    sun opensolaris build_snv_03
    sun opensolaris build_snv_04
    sun opensolaris build_snv_05
    sun opensolaris build_snv_06
    sun opensolaris build_snv_07
    sun opensolaris build_snv_08
    sun opensolaris build_snv_09
    sun opensolaris build_snv_10
    sun opensolaris build_snv_11
    sun opensolaris build_snv_12
    sun opensolaris build_snv_14
    sun opensolaris build_snv_15
    sun opensolaris build_snv_16
    sun opensolaris build_snv_18
    sun opensolaris build_snv_20
    sun opensolaris build_snv_21
    sun opensolaris build_snv_24
    sun opensolaris build_snv_25
    sun opensolaris build_snv_26
    sun opensolaris build_snv_27
    sun opensolaris build_snv_28
    sun opensolaris build_snv_29
    sun opensolaris build_snv_31
    sun opensolaris build_snv_32
    sun opensolaris build_snv_33
    sun opensolaris build_snv_34
    sun opensolaris build_snv_35
    sun opensolaris build_snv_37
    sun opensolaris build_snv_41
    sun opensolaris build_snv_43
    sun opensolaris build_snv_44
    sun opensolaris build_snv_45
    sun opensolaris build_snv_48
    sun opensolaris build_snv_50
    sun opensolaris build_snv_53
    sun opensolaris build_snv_54
    sun opensolaris build_snv_56
    sun opensolaris build_snv_58
    sun opensolaris build_snv_59
    sun opensolaris build_snv_60
    sun opensolaris build_snv_62
    sun opensolaris build_snv_65
    sun opensolaris build_snv_68
    sun opensolaris build_snv_69
    sun opensolaris build_snv_72
    sun opensolaris build_snv_75
    sun opensolaris build_snv_76
    sun opensolaris build_snv_78
    sun opensolaris build_snv_81
    sun opensolaris build_snv_82
    sun opensolaris build_snv_84
    sun opensolaris build_snv_85
    sun opensolaris build_snv_87
    sun opensolaris build_snv_86
    sun opensolaris build_snv_17
    sun opensolaris build_snv_23
    sun opensolaris build_snv_30
    sun opensolaris build_snv_36
    sun opensolaris build_snv_38
    sun opensolaris build_snv_42
    sun opensolaris build_snv_46
    sun opensolaris build_snv_49
    sun opensolaris build_snv_51
    sun opensolaris build_snv_52
    sun opensolaris build_snv_55
    sun opensolaris build_snv_57
    sun opensolaris build_snv_61
    sun opensolaris build_snv_63
    sun opensolaris build_snv_66
    sun opensolaris build_snv_67
    sun opensolaris build_snv_70
    sun opensolaris build_snv_71
    sun opensolaris build_snv_73
    sun opensolaris build_snv_74
    sun opensolaris build_snv_77
    sun opensolaris build_snv_79
    sun opensolaris build_snv_83
    sun opensolaris build_snv_03
    sun opensolaris build_snv_04
    sun opensolaris build_snv_05
    sun opensolaris build_snv_06
    sun opensolaris build_snv_07
    sun opensolaris build_snv_15
    sun opensolaris build_snv_08
    sun opensolaris build_snv_14
    sun opensolaris build_snv_11
    sun opensolaris build_snv_17
    sun opensolaris build_snv_12
    sun opensolaris build_snv_09
    sun opensolaris build_snv_16
    sun opensolaris build_snv_10
    sun opensolaris build_snv_21
    sun opensolaris build_snv_20
    sun opensolaris build_snv_27
    sun opensolaris build_snv_26
    sun opensolaris build_snv_25
    sun opensolaris build_snv_24
    sun opensolaris build_snv_23
    sun opensolaris build_snv_18
    sun opensolaris build_snv_28
    sun opensolaris build_snv_33
    sun opensolaris build_snv_34
    sun opensolaris build_snv_35
    sun opensolaris build_snv_36
    sun opensolaris build_snv_32
    sun opensolaris build_snv_37
    sun opensolaris build_snv_31
    sun opensolaris build_snv_30
    sun opensolaris build_snv_29
    sun opensolaris build_snv_40
    sun opensolaris build_snv_41
    sun opensolaris build_snv_42
    sun opensolaris build_snv_43
    sun opensolaris build_snv_44
    sun opensolaris build_snv_38
    sun opensolaris build_snv_45
    sun opensolaris build_snv_46
    sun opensolaris build_snv_48
    sun opensolaris build_snv_55
    sun opensolaris build_snv_54
    sun opensolaris build_snv_50
    sun opensolaris build_snv_57
    sun opensolaris build_snv_49
    sun opensolaris build_snv_56
    sun opensolaris build_snv_52
    sun opensolaris build_snv_51
    sun opensolaris build_snv_53
    sun opensolaris build_snv_67
    sun opensolaris build_snv_66
    sun opensolaris build_snv_59
    sun opensolaris build_snv_65
    sun opensolaris build_snv_58
    sun opensolaris build_snv_61
    sun opensolaris build_snv_63
    sun opensolaris build_snv_60
    sun opensolaris build_snv_62
    sun opensolaris build_snv_71
    sun opensolaris build_snv_68
    sun opensolaris build_snv_72
    sun opensolaris build_snv_77
    sun opensolaris build_snv_70
    sun opensolaris build_snv_74
    sun opensolaris build_snv_73
    sun opensolaris build_snv_76
    sun opensolaris build_snv_69
    sun opensolaris build_snv_75
    sun opensolaris build_snv_78
    sun opensolaris build_snv_84
    sun opensolaris build_snv_83
    sun opensolaris build_snv_79
    sun opensolaris build_snv_86
    sun opensolaris build_snv_85
    sun opensolaris build_snv_87
    sun opensolaris build_snv_80
    sun opensolaris build_snv_82
    sun opensolaris build_snv_81
    sun opensolaris build_snv_100
    sun opensolaris build_snv_100
    sun opensolaris build_snv_102
    sun opensolaris build_snv_102
    sun opensolaris build_snv_80
    sun opensolaris build_snv_91
    sun opensolaris build_snv_91
    sun opensolaris build_snv_90
    sun opensolaris build_snv_90
    sun opensolaris build_snv_40
    sun opensolaris build_snv_104
    sun opensolaris build_snv_104
    sun opensolaris build_snv_101
    sun opensolaris build_snv_101
    sun opensolaris build_snv_105
    sun opensolaris build_snv_105
    sun opensolaris build_snv_92
    sun opensolaris build_snv_92
    sun opensolaris build_snv_93
    sun opensolaris build_snv_94
    sun opensolaris build_snv_99
    sun opensolaris build_snv_98
    sun opensolaris build_snv_97
    sun opensolaris build_snv_96
    sun opensolaris build_snv_94
    sun opensolaris build_snv_93
    sun opensolaris build_snv_99
    sun opensolaris build_snv_97
    sun opensolaris build_snv_98
    sun opensolaris build_snv_96
    sun opensolaris build_snv_103
    sun opensolaris build_snv_103
    sun opensolaris build_snv_106
    sun opensolaris build_snv_106
    sun opensolaris build_snv_107
    sun opensolaris build_snv_107
    gentoo linux *
    debian debian linux 4.0
    canonical ubuntu 8.04