Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3825

Overview

Vulnerability Score 4.4 4.4
CVE Id CVE-2008-3825
Last Modified 17 Feb 2011 01:33:27
Published 03 Oct 2008 11:07:10
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3825

Summary

pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance.

Vulnerable Systems

Operating System

  • Redhat Enterprise Linux 5

  • Redhat Enterprise Linux Desktop 5


References

FEDORA - FEDORA-2008-8618

FEDORA - FEDORA-2008-8605

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=461960

XF - pamkrb5-existingticket-privilege-escalation(45635)

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2011-0003.html

SECTRACK - 1020978

BID - 31534

BUGTRAQ - 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

REDHAT - RHSA-2008:0907

MANDRIVA - MDVSA-2008:209

SECUNIA - 43314

SECUNIA - 32174

SECUNIA - 32135

SECUNIA - 32119

SUSE - SUSE-SR:2008:027

Related Patches

Novell SUSE 2008:5616 pam_krb5 security update for SLE 10 i586


Last Updated: 27 May 2016 10:48:19