Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2009-0361
HistoryFeb 13, 2009 - 12:00 a.m.

CVE-2009-0361

2009-02-1300:00:00
ubuntu.com
ubuntu.com
7

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.4%

JSON

Russ Allbery pam-krb5 before 3.13, as used by libpam-heimdal, su in Solaris
10, and other software, does not properly handle calls to pam_setcred when
running setuid, which allows local users to overwrite and change the
ownership of arbitrary files by setting the KRB5CCNAME environment
variable, and then launching a setuid application that performs certain
pam_setcred operations.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlibpam-krb5<Β 3.10-1ubuntu0.8.04.1UNKNOWN
ubuntu8.10noarchlibpam-krb5<Β 3.10-1ubuntu0.8.10.1UNKNOWN
ubuntu9.04noarchlibpam-krb5<Β 3.11-4ubuntu1UNKNOWN
ubuntu9.10noarchlibpam-krb5<Β 3.11-4ubuntu1UNKNOWN
ubuntu10.04noarchlibpam-krb5<Β 3.11-4ubuntu1UNKNOWN
ubuntu10.10noarchlibpam-krb5<Β 3.11-4ubuntu1UNKNOWN
ubuntu11.04noarchlibpam-krb5<Β 3.11-4ubuntu1UNKNOWN
ubuntu11.10noarchlibpam-krb5<Β 3.11-4ubuntu1UNKNOWN

Related

openvas 11
seebug 1
prion 1
cve 1
cvelist 1
debian 2
debiancve 1
redhatcve 1
securityvulns 3
nessus 9
ubuntu 1
gentoo 2
osv 1
openvas
openvas
Debian Security Advisory DSA 1722-1 (libpam-heimdal)
2009-02-13 00:00:00
Debian: Security Advisory (DSA-1722-1)
2009-02-13 00:00:00
Debian Security Advisory DSA 1721-1 (libpam-krb5)
2009-02-13 00:00:00
seebug
seebug
pam-krb5 KRB5CCNAMEηŽ―ε’ƒε˜ι‡ζœ¬εœ°ζƒι™ζε‡ζΌζ΄ž
2009-02-13 00:00:00
prion
prion
Code injection
2009-02-13 17:30:00
cve
cve
CVE-2009-0361
2009-02-13 17:30:00
cvelist
cvelist
CVE-2009-0361
2009-02-13 17:00:00
debian
debian
[SECURITY] [DSA 1722-1] New libpam-heimdal packages fix local privilege escalation
2009-02-11 21:05:08
[SECURITY] [DSA 1721-1] New libpam-krb5 packages fix local privilege escalation
2009-02-11 20:58:44
debiancve
debiancve
CVE-2009-0361
2009-02-13 17:30:00
redhatcve
redhatcve
CVE-2009-0361
2015-10-30 10:13:40
securityvulns
securityvulns
[SECURITY] [DSA 1722-1] New libpam-heimdal packages fix local privilege escalation
2009-02-12 00:00:00
pam_kerberos multiple security vulnerabilities
2009-02-12 00:00:00
pam-krb5 security advisory &#40;3.12 and earlier&#41;
2009-02-12 00:00:00
nessus
nessus
Solaris 10 (sparc) : 138371-06
2008-12-17 00:00:00
Ubuntu 8.04 LTS / 8.10 : libpam-krb5 vulnerabilities (USN-719-1)
2009-04-23 00:00:00
GLSA-200903-39 : pam_krb5: Privilege escalation
2009-03-27 00:00:00
ubuntu
ubuntu
pam-krb5 vulnerabilities
2009-02-12 00:00:00
gentoo
gentoo
pam_krb5: Privilege escalation
2009-03-25 00:00:00
Multiple packages, Multiple vulnerabilities fixed in 2010
2014-12-11 00:00:00
osv
osv
libpam-krb5 - local privilege
2009-02-11 00:00:00

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.4%

JSON
Related for UB:CVE-2009-0361
openvas11seebug1prion1cve1cvelist1debian2debiancve1redhatcve1securityvulns3nessus9ubuntu1gentoo2osv1