Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-1384HistoryMay 28, 2009 - 8:30 p.m.
CVE-2009-1384
2009-05-2820:30:00
Debian Security Bug Tracker
security-tracker.debian.org
7
0.007 Low
EPSS
Percentile
80.2%
pam_krb5 2.2.14 through 2.3.4, as used in Red Hat Enterprise Linux (RHEL) 5, generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libpam-krb5 | < 4.11-1 | libpam-krb5_4.11-1_all.deb |
| Debian | 11 | all | libpam-krb5 | < 4.9-2 | libpam-krb5_4.9-2_all.deb |
| Debian | 10 | all | libpam-krb5 | < 4.8-2+deb10u1 | libpam-krb5_4.8-2+deb10u1_all.deb |
| Debian | 999 | all | libpam-krb5 | < 4.11-1 | libpam-krb5_4.11-1_all.deb |
| Debian | 13 | all | libpam-krb5 | < 4.11-1 | libpam-krb5_4.11-1_all.deb |
Related
openvas
openvas
Fedora Core 10 FEDORA-2009-6255 (pam_krb5)
2009-06-30 00:00:00
RedHat Update for pam_krb5 RHSA-2010:0258-04
2010-04-06 00:00:00
Mandriva Update for pam_krb5 MDVSA-2010:054 (pam_krb5)
2010-03-12 00:00:00
nessus
nessus
Fedora 10 : pam_krb5-2.3.5-1.fc10 (2009-6255)
2009-06-28 00:00:00
Fedora 9 : pam_krb5-2.3.5-1.fc9 (2009-6279)
2009-06-28 00:00:00
Oracle Linux 5 : pam_krb5 (ELSA-2010-0258)
2023-09-07 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: pam_krb5-2.3.5-1.fc11
2009-06-27 02:49:02
[SECURITY] Fedora 10 Update: pam_krb5-2.3.5-1.fc10
2009-06-27 02:40:43
[SECURITY] Fedora 9 Update: pam_krb5-2.3.5-1.fc9
2009-06-27 03:02:32
cvelist
cvelist
CVE-2009-1384
2009-05-28 20:14:00
prion
prion
Default credentials
2009-05-28 20:30:00
cve
cve
CVE-2009-1384
2009-05-28 20:30:00
redhat
redhat
(RHSA-2010:0258) Low: pam_krb5 security and bug fix update
2010-03-30 00:00:00
oraclelinux
oraclelinux
pam_krb5 security and bug fix update
2010-04-05 00:00:00
ubuntucve
ubuntucve
CVE-2009-1384
2009-05-28 00:00:00
vmware
vmware
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00