Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2020/04/02 12:0 a.m.27 views

Ubuntu 16.04 LTS / 18.04 LTS : pam-krb5 vulnerability (USN-4314-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4314-1 advisory. Russ Allbery discovered that pam-krb5 incorrectly handled some responses. An attacker could possibly use this issue to execute arbitrary code. Tenable...

9.8CVSS8.7AI score0.04784EPSS
Exploits0References2
OSV
OSV
added 2009/02/13 5:30 p.m.10 views

CVE-2009-0361

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris 10, and other software, does not properly handle calls to pamsetcred when running setuid, which allows local users to overwrite and change the ownership of arbitrary files by setting the KRB5CCNAME environment variable, a...

6.1AI score
Exploits0References20
CVE
CVE
added 2009/02/13 5:0 p.m.62 views

CVE-2009-0360

CVE-2009-0360 affects the PAM Kerberos library (pam-krb5) when linked against MIT Kerberos, where improper initialization for setuid use allows a local attacker to gain privileges by pointing an environment variable to a modified Kerberos config file and launching a PAM-based setuid application. ...

6.2CVSS8.8AI score0.00695EPSS
Exploits6References18Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/02/13 12:0 a.m.32 views

Debian DSA-1721-1 : libpam-krb5 - several vulnerabilities

Several local vulnerabilities have been discovered in the PAM module for MIT Kerberos. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0360 Russ Allbery discovered that the Kerberos PAM module parsed configuration settings from environment variables...

6.2CVSS5.4AI score0.00695EPSS
Exploits7References5
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.15 views

Debian Security Advisory DSA 1109-1 (rssh)

The remote host is missing an update to rssh announced via advisory DSA 1109-1. Russ Allbery discovered that rssh, a restricted shell, performs insufficient checking of incoming commands, which might lead to a bypass of access restrictions. OpenVAS Vulnerability Test $Id: deb11091.nasl 6616...

7.5CVSS0.9AI score0.01858EPSS
Exploits0
Rows per page
Query Builder