Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-0360HistoryFeb 13, 2009 - 5:30 p.m.
CVE-2009-0360
2009-02-1317:30:00
Debian Security Bug Tracker
security-tracker.debian.org
8
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize the Kerberos libraries for setuid use, which allows local users to gain privileges by pointing an environment variable to a modified Kerberos configuration file, and then launching a PAM-based setuid application.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libpam-krb5 | < 3.13-2 | libpam-krb5_3.13-2_all.deb |
| Debian | 11 | all | libpam-krb5 | < 3.13-2 | libpam-krb5_3.13-2_all.deb |
| Debian | 10 | all | libpam-krb5 | < 3.13-2 | libpam-krb5_3.13-2_all.deb |
| Debian | 999 | all | libpam-krb5 | < 3.13-2 | libpam-krb5_3.13-2_all.deb |
| Debian | 13 | all | libpam-krb5 | < 3.13-2 | libpam-krb5_3.13-2_all.deb |
Related
seebug
seebug
pam-krb5 API使用本地权限提升漏洞
2009-02-13 00:00:00
pam-krb5 < 3.13 Local Privilege Escalation Exploit
2009-03-30 00:00:00
pam-krb5 < 3.13 Local Privilege Escalation Exploit
2014-07-01 00:00:00
prion
prion
Code injection
2009-02-13 17:30:00
exploitpack
exploitpack
pam-krb5 3.13 - Local Privilege Escalation
2009-03-29 00:00:00
ubuntucve
ubuntucve
CVE-2009-0360
2009-02-13 00:00:00
cve
cve
CVE-2009-0360
2009-02-13 17:30:00
redhatcve
redhatcve
CVE-2009-0360
2015-10-30 10:13:44
cvelist
cvelist
CVE-2009-0360
2009-02-13 17:00:00
exploitdb
exploitdb
pam-krb5 < 3.13 - Local Privilege Escalation
2009-03-29 00:00:00
nessus
nessus
Solaris 10 (sparc) : 138371-06
2008-12-17 00:00:00
Ubuntu 8.04 LTS / 8.10 : libpam-krb5 vulnerabilities (USN-719-1)
2009-04-23 00:00:00
GLSA-200903-39 : pam_krb5: Privilege escalation
2009-03-27 00:00:00
openvas
openvas
Debian Security Advisory DSA 1721-1 (libpam-krb5)
2009-02-13 00:00:00
Gentoo Security Advisory GLSA 200903-39 (pam_krb5)
2009-03-31 00:00:00
Debian: Security Advisory (DSA-1721-1)
2009-02-13 00:00:00
securityvulns
securityvulns
pam_kerberos multiple security vulnerabilities
2009-02-12 00:00:00
pam-krb5 security advisory (3.12 and earlier)
2009-02-12 00:00:00
debian
debian
ubuntu
ubuntu
pam-krb5 vulnerabilities
2009-02-12 00:00:00
gentoo
gentoo
pam_krb5: Privilege escalation
2009-03-25 00:00:00
Multiple packages, Multiple vulnerabilities fixed in 2010
2014-12-11 00:00:00
osv
osv
libpam-krb5 - local privilege
2009-02-11 00:00:00
6.2 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:H/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
0.4%
Related for DEBIANCVE:CVE-2009-0360