Lucene search
RootSSV:4752HistoryFeb 13, 2009 - 12:00 a.m.
pam-krb5 KRB5CCNAME环境变量本地权限提升漏洞
2009-02-1300:00:00
Root
www.seebug.org
36
0.0004 Low
EPSS
Percentile
8.6%
BUGTRAQ ID: 33741
CVE(CAN) ID: CVE-2009-0361
pam-krb5提供了支持认证、授权、用户票据缓存处理等功能的Kerberos v5 PAM模块。
在刷新已有的用户凭据时pam-krb5会使用PAM_REINITIALIZE_CREDS或PAM_REFRESH_CREDS调用pam_setcred,因此会使用已有的KRB5CCNAME环境变量确定已有的Kerberos凭据缓存。如果setuid应用程序没有首先调用PAM_ESTABLISH_CREDS或丢弃权限便调用了这些API的话,pam-krb5就可能覆盖KRB5CCNAME指定给攻击者的文件并更改该文件的权限。
Russ Allbery pam-krb5 < 3.13
厂商补丁:
Russ Allbery
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“http://www.eyrie.org/~eagle/software/pam-krb5/” target=“_blank”>http://www.eyrie.org/~eagle/software/pam-krb5/</a>
Related
openvas
openvas
Debian Security Advisory DSA 1722-1 (libpam-heimdal)
2009-02-13 00:00:00
Debian: Security Advisory (DSA-1722-1)
2009-02-13 00:00:00
Debian Security Advisory DSA 1721-1 (libpam-krb5)
2009-02-13 00:00:00
prion
prion
Code injection
2009-02-13 17:30:00
cvelist
cvelist
CVE-2009-0361
2009-02-13 17:00:00
cve
cve
CVE-2009-0361
2009-02-13 17:30:00
securityvulns
securityvulns
[SECURITY] [DSA 1722-1] New libpam-heimdal packages fix local privilege escalation
2009-02-12 00:00:00
pam_kerberos multiple security vulnerabilities
2009-02-12 00:00:00
pam-krb5 security advisory (3.12 and earlier)
2009-02-12 00:00:00
debian
debian
ubuntucve
ubuntucve
CVE-2009-0361
2009-02-13 00:00:00
debiancve
debiancve
CVE-2009-0361
2009-02-13 17:30:00
redhatcve
redhatcve
CVE-2009-0361
2015-10-30 10:13:40
nessus
nessus
Solaris 10 (sparc) : 138371-06
2008-12-17 00:00:00
Ubuntu 8.04 LTS / 8.10 : libpam-krb5 vulnerabilities (USN-719-1)
2009-04-23 00:00:00
GLSA-200903-39 : pam_krb5: Privilege escalation
2009-03-27 00:00:00
ubuntu
ubuntu
pam-krb5 vulnerabilities
2009-02-12 00:00:00
gentoo
gentoo
pam_krb5: Privilege escalation
2009-03-25 00:00:00
Multiple packages, Multiple vulnerabilities fixed in 2010
2014-12-11 00:00:00
osv
osv
libpam-krb5 - local privilege
2009-02-11 00:00:00