CVE-2008-5690 — Opensolaris vulnerability

CWE-2553 documents3 sources

Severity

2.1LOWNVD

EPSS

0.0%

top 86.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Opensolaris SUN Solaris

Timeline

PublishedDec 19

Latest updateMay 17

Description

The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denial of service (authentication failure) via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the store_cred function in pam_krb5.

CVSS vector

AV:L/AC:L/C:N/I:N/A:PExploitability: 3.9 | Impact: 2.9

Affected Packages2 packages

▶NVDsun/opensolaris104 versions+103

▶NVDsun/solaris10, 8, 9+2

Patches

Patch: secunia.com ↗Patch: sunsolve.sun.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-2pwm-376p-g82r: The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denia↗2022-05-17

▶

CVEList

CVE-2008-5690: The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv_01 through snv_104, allows local users to cause a denia↗2008-12-19

▶