NVD:CVE-2008-3825
History: Oct 03, 2008 - 3:07 p.m.

CVE-2008-3825

2008-10-03 15:07:10
CWE-264
web.nvd.nist.gov

CVSS2: 4.4 Medium
Attack Vector: LOCAL
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score: 7.6 High
Confidence: High

EPSS: 0.0004 Low
Percentile: 10.1%

pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename and running the (1) su or (2) sudo program. NOTE: there may be a related vector involving sshd that has limited relevance.

Affected configurations

NVD
Node
redhat enterprise_linux Match 5 unknown server
OR
redhat enterprise_linux_desktop Match 5 unknown client
